We are still at security level 30 and are considering moving to 40. Apparently this is a very easy step to take. First verify that the correct QAUDLVL entries are running, which are *pgmfail and *autfail. Review the journal for entry types of AF or J, which we haven't captured any in the three months of data in the journal. Is it safe to say that I can change the security level to 40 without any issues based on the above information? Are there any other areas of concern that I haven't identified?
From your brief description I'm guessing it's safe to move to security level 40. However, I would advise you to read about moving to security level 40 in Chapter 2 of the IBM Security Reference manual (available from
IBM's information center
) to make sure you've looked for all of the necessary audit journal entry types.
Dig Deeper on iSeries system and application security
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ...
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ...
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ...