How can I prevent the user, who has an UPDDTA authority, from deleting the DFU Audit Log?
The DFU audit log is actually a spooled file. If you can specify which outq the audit log goes to, specify that the spooled file goes to a secured outq. If the user has *JOBCTL special authority, make sure you send the spooled file to an outq that was created with OPRCTL(*NO) so they cannot manipulate the spooled file. If the user has *SPLCTL special authority, you cannot prevent them from deleting the spooled file.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: Tips, tutorials and more.
Search400.com's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Read this Search400.com Featured Topic: Secure your iSeries
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ... Continue Reading
The UPPWEI field corresponds to the password expiration interval field, and its values "0" and "-1" represent the *SYSVAL and *NOXMAX commands. Continue Reading