Problem solve Get help with specific problems with your technologies, process and projects.

Signing on to a specific device

This is a security question. Our site has V5R1. The company is large, but the IT staff is small (one person wearing many hats). The IT management wants to set the QSECOFR to only be able to sign on to a specific device. However, all the devices are dynamically assigned (except for the console). How is this to be done when the users are 'assigned' a device when they sign on? I can foresee other issues with doing this as well. How is the QSECOFR to sign in from 'home' if there is a problem that needs to be addressed after hours?

I have struggled with the same problem on my systems. I chose not to limit QSECOFR and other *ALLOBJ authority users to a single console.

However, if you wish to do this you could created a device description, change it's authority so it is *PUBLIC *EXCLUDE / QSECOFR *CHANGE and then set up your 5250 emulation software to use this device. This is easily done if you use CA/400 Express for your 5250 emulation sessions. I believe Rumba's most current 5250 emulation software supports specifying a specific device name, too.

As an added benefit you could also allocate this specific device description, by adding a Workstation Entry (ADDWSE), to subsystem QCTL. Then if you ever needed to access the system while QINTER is down, you could. This has "saved" me more than once when I needed to fix a problem from home while the QINTER subsystem was inactive as part of our backup process.


The Best Web Links: tips, tutorials and more.

Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.

Dig Deeper on Performance

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.