This is a security question. Our site has V5R1. The company is large, but the IT staff is small (one person wearing many hats). The IT management wants to set the QSECOFR to only be able to sign on to a specific device. However, all the devices are dynamically assigned (except for the console). How is this to be done when the users are 'assigned' a device when they sign on? I can foresee other issues with doing this as well. How is the QSECOFR to sign in from 'home' if there is a problem that needs to be addressed after hours?
I have struggled with the same problem on my systems. I chose not to limit QSECOFR and other *ALLOBJ authority users to a single console.
However, if you wish to do this you could created a device description, change it's authority so it is *PUBLIC *EXCLUDE / QSECOFR *CHANGE and then set up your 5250 emulation software to use this device. This is easily done if you use CA/400 Express for your 5250 emulation sessions. I believe Rumba's most current 5250 emulation software supports specifying a specific device name, too.
As an added benefit you could also allocate this specific device description, by adding a Workstation Entry (ADDWSE), to subsystem QCTL. Then if you ever needed to access the system while QINTER is down, you could. This has "saved" me more than once when I needed to fix a problem from home while the QINTER subsystem was inactive as part of our backup process.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Dig Deeper on Performance
Related Q&A from Ken Graap
The BRMS Network feature allows a BRMS system to connect to other BRMS systems via a network, and enables a user to consolidate media such as backup ... Continue Reading
The only option to correct damage preventing file journaling is to use the RCLSTG command. Continue Reading
IBM's iSeries Backup and Recovery manual answers many questions related to system backup and disaster recovery. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.