I changed (as suggested the company that audits my security) the QCRTAUT system value from *CHANGE to *USE. I can't run a SAVRSTOBJ between my two iSeries without using an *ALLOBJ profile. What kind of authority should I grant to my *SYSOPR profiles in order to run a SAVRSTOBJ successfully between my machines? I'm receiving the message "attempt to use the permanent object &1 of the system without authorization". This message suggests that I should grant authorization over some system objects, but it doesn't tell me what the objects are.
You should be able to give your operator's *SAVSYS special authority and they should be able to perform the SAVRSTOBJ. The details of what is required if you don't give them *SAVSYS can be found in Appendix D of the iSeries Security Reference manual. The command is listed in the table at the beginning of the Appendix called Commands Common for Most Objects.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
The UPPWEI field corresponds to the password expiration interval field, and its values "0" and "-1" represent the *SYSVAL and *NOXMAX commands. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.