As the system administrator, I was reviewing some user profiles that had *jobctl. I did not want them to have that much authority and I changed the authority to *none. The users use a third-party software and their utility sbmjob program that gets called issues a chgjob command. Now the utility jobs blows up because the users are not allowed to change the job. I had to put back the *jobctl authority so they can run their jobs. What are my options and what option would you recommend?
I'm not sure I can give you the answer you're looking for without knowing a bit more about the utility. But one idea that comes to mind - is it possible to modify the utility to submit a job that runs a program that adopts a user that has *JOBCTL? That program then calls the regular part of the utility - the one that does the CHGJOB and requires *JOBCTL.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: Tips, tutorials and more.
Search400.com's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Read this Search400.com Featured Topic: Secure your iSeries
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ... Continue Reading