User profiles that have *jobctl

As the system administrator, I was reviewing some user profiles that had *jobctl. I did not want them to have that much authority and I changed the authority to *none. The users use a third-party software and their utility sbmjob program that gets called issues a chgjob command. Now the utility jobs blows up because the users are not allowed to change the job. I had to put back the *jobctl authority so they can run their jobs. What are my options and what option would you recommend?

I'm not sure I can give you the answer you're looking for without knowing a bit more about the utility. But one idea that comes to mind - is it possible to modify the utility to submit a job that runs a program that adopts a user that has *JOBCTL? That program then calls the regular part of the utility - the one that does the CHGJOB and requires *JOBCTL.

==================================
MORE INFORMATION ON THIS TOPIC
==================================

The Best Web Links: Tips, tutorials and more.

Search400.com's targeted search engine: Get relevant information on security.

Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.

Read this Search400.com Featured Topic: Secure your iSeries