Security and Security System Values

Slides:



Advertisements
Similar presentations
August 29, Accessing the iSeries and Some Commands.
Advertisements

Week # 2 - Agenda Types of AS/400 Objects Qualified/Unqualified Names
9.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 9: Installing and Configuring.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Linux+ Guide to Linux Certification, Second Edition
Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.
WebReport/400 TCP/IP Configuration Presented by Kisco Information Systems.
The AS/400 and the printing process
1 REVIEW Object types - ???? System security levels - ???? Current library - How is it assigned ???? How do you change it??? Qualified naming - What is.
Chapter 16 - Monitoring Hardware and Jobs
Chapter 5 File and Printer Services
W1L1ops400.ppt1 Welcome! OPS400 students to the POWER SYSTEM Mid-Range Operating System.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Sharing Resources Lesson 6. Objectives Manage NTFS and share permissions Determine effective permissions Configure Windows printing.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.
5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam Microsoft® Windows® 2000 Directory Services Infrastructure Goals 
Mastering the AS/400, Third Edition, author Jerry Fottral 1 Week 2 The System The AS/400 is a multi-user, multi-tasking system -- a system on which many.
University of Management & Technology 1 Operating Systems & Utility Programs.
Copyright © 2007, Oracle. All rights reserved. Managing Concurrent Requests.
Linux+ Guide to Linux Certification, Third Edition
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 13 FTP and Telnet.
Managing users and security Akhtar Ali. Aims Understand and manage profiles Understand and manage users Understand and manage privileges Understand and.
Module 5: Implementing Group Policy
CHAPTER Creating and Managing Users and Groups. Chapter Objectives Explain the use of Local Users and Groups Tool in the Systems Tools Option to create.
Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.
L9C6ops400.ppt1 Device configuration Chapter 6 How to connect devices to the AS/400.
IBC233 Lecture 2 Updated Winter 2008 Agenda Test next Week – Jan 23 ISeries Architecture CL (Control Language) Library Lists Operations Navigator.
Week 4 presentation! This week we will cover editing and the use of the on-board tools provided, SEU and PDM.
1 “User” A person who “uses” the AS/400 You are all “Users” each with an unique Userid A Userid identifies you to the system when you signon or run a job.
W6L1ops400.ppt1 Reviews. 2 Notation types? Difference ? Job commands ?Get help with CMD??? Menu What role does the user profile play?What is your job.
Lecture 3 REVIEW of concepts security assistance profiles Library list
NetTech Solutions Security and Security Permissions Lesson Nine.
Mastering the AS/400, Third Edition, author Jerry Fottral 1 Week 12 Lesson Overview Introduce the idea of object authorization and see how library and.
1 Week # 4 Introduction to PDM PDM is a workbench environment that lets programmers and system operators navigate the three levels of the AS/400’s object-based.
W1L2ops400.ppt1 Lecture 1 OPS400 AS/400 / iSeries / eSeries Mid-Range Operating System OS/400.
19 Copyright © 2008, Oracle. All rights reserved. Security.
ITMT Windows 7 Configuration Chapter 6 – Sharing Resource ITMT 1371 – Windows 7 Configuration 1.
SQL Database Management
3 A Guide to MySQL.
Guide to Operating Systems, 5th Edition
ICE Integrated Cloud Environment Cloud Scanning and Mobile Printing
Messages, Logs, and Cleanup
Operating System, Licensed Program Products, and PTFs
Chapter 16 Basic Trouble Shooting, Problem solving and Using Electronic Customer Support (ECS)
Chapter 6 Chapter 6 - Summary.
SubAnywhere: Setup and Configuration
Objects, Libraries, and Library Lists
CONTENT MANAGEMENT SYSTEM CSIR-NISCAIR, New Delhi
Introduction to Operating Systems
Lecture 2 REVIEW of concepts security assistance profiles Library list
IPOM and E-Booking.
Chapter 10 Backup and Recovery.
OS/400 Command Structure and Control Language
Starting and Stopping the AS/400
Chapter 13 Subsystems.
Dynamic Web Page A dynamic web page is a kind of web page that has been prepared with fresh information (content and/or layout), for each individual viewing.
Data File Import / Export
IBC233 Week 2 Updated Winter 2011
Handling Spooled Files and Printing Functions
For a new user you must click on the “Registration for Generator” link
James Blankenship March , 2018
Optimizing Efficiency + Funding
This is the Sign In page for the Dashboard
Chapter 9: Managing Groups, Folders, Files, and Object Security
IBC233 Week 2 Updated Fall 2011.
Introducing NTFS Reliability Security Long file names Efficiency
Welcome to IBC233 Cindy Laurin.
iSecurity Password-Reset Training
Presentation transcript:

Security and Security System Values Chapter 11 Security and Security System Values

Security Two Broad Areas Physical security. Data security. Understanding AS/400 System Operations

Data Security Three Broad Areas System level. User profiles. Object. Understanding AS/400 System Operations

Understanding AS/400 System Operations System Security Level QSECURITY: Security Level 20: (SL20). User ID and password required. Full access. Security Level 30: (SL30). Complete system security. Valid user ID and password required. Access to objects by authority. Most common. Understanding AS/400 System Operations

Understanding AS/400 System Operations System Security Level Security Level 40: (SL40). Level 30 plus. Prevents applications from using “unauthorized” low-level programming techniques. Security Level 50: (SL50). “C2” - Department of Defense. Only access given explicit access. Programs abnormal end if access low-level functions. Programs abnormal end access AS/400 APIs or functions. Understanding AS/400 System Operations

Understanding AS/400 System Operations User Profiles All user profiles reside in system library, QSYS. Understanding AS/400 System Operations

Understanding AS/400 System Operations User Profile Defines Basic security information. Special authorities granted. Job processing information: Job queue. Output queue. Initial program or menu to call. Current library. Understanding AS/400 System Operations

Components of a User Profile Understanding AS/400 System Operations

IBM Default User Profiles Security Officer. QSECOFR. Unlimited access to objects. System Administrator. No profile provided. Creating and maintaining user profiles. Understanding AS/400 System Operations

IBM Default User Profiles System Operator. QSYSOPR. Control jobs, print files. Backup and restore functions. Programmers. QPGMR. Broad access to development libraries. Users. QUSER. End User. Understanding AS/400 System Operations

Special Service User Profiles QSRV Services (all functions). This is the profile that the person who services the AS/400 will use. QSRVBAS Services (limited functions). Understanding AS/400 System Operations

Additional IBM-supplied User Profiles Not To Used By User. Used Internally To Do Special Functions. QAUTPROF IBM general authority profile. QBRMS Backup Recovery Media (BRM) profile. QDBSHR Database share profile. Understanding AS/400 System Operations

Additional IBM-supplied User Profiles QDFTOWN All objects on the AS/400 must be owned by a legitimate user. If a user profile is no longer valid its objects’ ownership are changed to QDFTOWN. QDOC Document Profile. QDSNX Distributed system node executive. Understanding AS/400 System Operations

Additional IBM-supplied User Profiles QFNC Finance Profile. QGATE User profile to bridge into PROFS. (VM/MVS on mainframes). QLPAUTO Licensed program auto- installation user. QLPINSTALL Licensed program installation user. Understanding AS/400 System Operations

Additional IBM-supplied User Profiles QMSF Mail server framework profile. QNETSPLF Network spooling profile. QNFSANON NFS user profile. QSNADS SNADS user. QSPL Spooling user. QSPLJOB Spooling readers/writers job user profile. Understanding AS/400 System Operations

Additional IBM-supplied User Profiles QSYS Internal system user. QTCP TCP/IP user. Understanding AS/400 System Operations

Understanding AS/400 System Operations Special Authorities Special authorities are user-based. Here is what they do: *ALLOBJ: Can do anything to any object. Reserved for SECOFR. Overrides all private/public authorities. *AUDIT: Control auditing. *IOSYSCFG: Change system configuration issues. Understanding AS/400 System Operations

Understanding AS/400 System Operations Special Authorities *JOBCTL: Manage jobs running on the system. Given to system operators. *SAVSYS: Perform backup/restore. Understanding AS/400 System Operations

Understanding AS/400 System Operations Special Authorities *SECADM: Create and alter user profiles. *SECADM allows a user to: Create, change, and delete user profiles. Add user to distribution list. Work with access to documents/folders. Control access to the system. Change security-related system values and network attributes. Understanding AS/400 System Operations

Understanding AS/400 System Operations Special Authorities *SERVICE: Service and dump functions. Run service functions like System Service Tools (SST). *SPLCTL: Manage output queues. Can browse only output queues not restricted. Understanding AS/400 System Operations

Understanding AS/400 System Operations User Class User default special authorities controls menu options. *SECOFR *SECADM *PGMR *SYSOPR *USER Understanding AS/400 System Operations

Class Special Authorities Figure 11-1: Special authorities granted to user classes in SL20 AS/400s. Understanding AS/400 System Operations

Class Special Authorities Figure 11-2: special authorities granted to user classes in all other AS/400 security levels. Understanding AS/400 System Operations

Object Security (Authorities) Users named on object in several forms: Ownership. Named users & specific authorities. Authorization lists. Public authority. Understanding AS/400 System Operations

Ownership – Single and Group Four categories: Person who created object. Previous owners’ authorities. Group user profile of creator. User ownership transferred to. Understanding AS/400 System Operations

Object Management Authorities Operational can use as determined by other specific authorities. Management can specify security for the object, can move or rename it. Existence can delete the object, change owner, free storage, perform save/restore functions on object. Authority List Management can attach an authority list to objects. Alter can change attributes of database files or add/remove stored triggers. Reference. can name a database table as the parent in a referential integrity situation. Understanding AS/400 System Operations

Understanding AS/400 System Operations Data Authorities *READ Can read contents of objects. *ADD Can add to contents of objects. *UPD Can change contents of objects. *DLT Can delete all/part of object contents. *EXECUTE Can execute object. Understanding AS/400 System Operations

Four Pre-defined Specific Authorities *ALL All management and all data authorities. *CHANGE User operational authority and all data authorities. *USE Operational, read, and execute authorities. Can not add/ change/delete object’s contents. *EXCLUDE No access. Understanding AS/400 System Operations

Understanding AS/400 System Operations Figure 11-3: System authority structure. Understanding AS/400 System Operations

Understanding AS/400 System Operations Adopted Authority Methods to adopt authority in one of two ways: On program creation, by specifying it on the USRPRF parameter. After the program has been created with the Change Program (CHGPGM) command: CHGPGM <library/program name> + USEADPAUT(*yes) Understanding AS/400 System Operations

System Values and System Security QAUDLVL—Keeping a Security Audit QAUTOVRT—Auto configuration of Virtual Devices QDSPSGNINF—Sign-on display information control QINACTITV—Inactive Job Time-out Interval Understanding AS/400 System Operations

System Values and System Security QINACTMSGQ—Inactive Job Message Queue QLMTDEVSSN—Limits Device Sessions QLMTSECOFR—Limits Security Officer device access QMAXSIGN—Maximum Sign-On Attempts Understanding AS/400 System Operations

System Values and System Security QMAXSGNACN—Maximum Sign-On Failed Action QPWDEXPITV—Password Expiration Interval QPWDLMAJC—Limit Adjacent Characters In Password Understanding AS/400 System Operations

System Values and System Security QPWDLMREP—Limit Repeated Characters In Password QPWDLMTCHR—Invalid Password Characters QPWDMAXLEN—Maximum Password Length Understanding AS/400 System Operations

System Values and System Security QPWDMINLEN—Minimum Password Length QPWDPOSDIP—Force All New Password Characters to Be Different QPWDRQDDGT—Force the Use of at Least One Number In a Password Understanding AS/400 System Operations

System Values and System Security QPWDRQDDIF—Expired Password Must Be Changed QPWDVLDPGM—User Program to Validate Passwords QRETSVRSEC—Retain Server Security Data QSECURITY—Security Level QUSEADPAUT—Use Adopted Authority Understanding AS/400 System Operations

Understanding AS/400 System Operations Security Menu SECURITY Security System: BIGBLUE Select one of the following: 1. Work with object authority 2. Work with authorization lists 3. Office security 4. Change your password 5. Change your user profile 6. Work with user profiles 7. Work with system values 8. Security tools 70. Related commands Selection or command ===>___________________________________________________________________ F3=Exit F4=Prompt F9=Retrieve F12=Cancel F13=Information Assistant F16=AS/400 Main menu (C) COPYRIGHT IBM CORP. 1980, 1998. Figure 11-4: Security menu. Understanding AS/400 System Operations

Changing Default User IDs Password Change Passwords for IBM-Supplied Users System: BIGBLUE Type new password below for IBM-supplied user, type password again to verify change, then press Enter. New security officer (QSECOFR) password . . . . . . . . . . New password (to verify) . . . . . . . . . . . . . . . . . New system operator (QSYSOPR) password . . . . . . . . . . . New programmer (QPGMR) password . . . . . . . . . . . . . . New user (QUSER) password . . . . . . . . . . . . . . . . . New service (QSRV) password . . . . . . . . . . . . . . . . More... F1=Help F3=Exit F5=Refresh F12=Cancel Figure 11-5: Screen from Setup menu to change IBM-supplied passwords. Understanding AS/400 System Operations

User-profile Commands CRTUSRPRF - Create user profile. CHGUSRPRF - Change user profile. DLTUSRPRF - Delete user profile. DSPUSRPRF - Display user profile. RSTUSRPRF - Restore user profile. RTVUSRPRF - Retrieve user profile information (CL PGMs only). Understanding AS/400 System Operations

Create User Profile Screen 1 Create User Profile (CRTUSRPRF) Type choices, press Enter. User profile . . . . . . . . . . Name User password . . . . . . . . . *USRPRF Name, *USRPRF, *NONE Set password to expired . . . . *NO *NO, *YES Status . . . . . . . . . . . . . *ENABLED *ENABLED, *DISABLED User class . . . . . . . . . . . *USER *USER, *SYSOPR, *PGMR... Assistance level . . . . . . . . *SYSVAL *SYSVAL, *BASIC, *INTERMED... Current library . . . . . . . . *CRTDFT Name, *CRTDFT Initial program to call . . . . *NONE Name, *NONE Library . . . . . . . . . . . Name, *LIBL, *CURLIB Initial menu . . . . . . . . . . MAIN Name, *SIGNOFF Library . . . . . . . . . . . *LIBL Name, *LIBL, *CURLIB Limit capabilities . . . . . . . *NO *NO, *PARTIAL, *YES Text 'description' . . . . . . . *BLANK                                   _________________________ Bottom F3=Exit F4=Prompt F5=Refresh F10=Additional parameters F12=Cancel F13=How to use this display F24=More keys Figure 11-6: Prompted version of command CRTUSRPRF (screen 1). Understanding AS/400 System Operations

Create User Profile Screen 2 Create User Profile (CRTUSRPRF) Type choices, press Enter. Additional Parameters Special authority . . . . . . . *USRCLS *USRCLS, *NONE, *ALLOBJ... + for more values          Special environment . . . . . . *SYSVAL *SYSVAL, *NONE, *S36 Display sign-on information . . *SYSVAL *SYSVAL, *NO, *YES Password expiration interval . . *SYSVAL 1-366, *SYSVAL, *NOMAX Limit device sessions . . . . . *SYSVAL *SYSVAL, *YES, *NO Keyboard buffering . . . . . . . *SYSVAL *SYSVAL, *NO, *TYPEAHEAD... Maximum allowed storage . . . . *NOMAX Kilobytes, *NOMAX Highest schedule priority . . . 3 0-9 Job description . . . . . . . . QDFTJOBD Name Library . . . . . . . . . . . *LIBL Name, *LIBL, *CURLIB Group profile . . . . . . . . . *NONE Name, *NONE Owner . . . . . . . . . . . . . *USRPRF *USRPRF, *GRPPRF More... F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys Figure 11-7: Prompted version of command CRTUSRPRF-Additional Parameters (screens 2 of 4). Understanding AS/400 System Operations

Create User Profile Screen 3 Create User Profile (CRTUSRPRF) Type choices, press Enter. Group authority . . . . . . . . *NONE *NONE, *ALL, *CHANGE, *USE... Group authority type . . . . . . *PRIVATE *PRIVATE, *PGP Supplemental groups . . . . . . *NONE Name, *NONE + for more values          Accounting code . . . . . . . . *BLANK   Document password . . . . . . . *NONE Name, *NONE Message queue . . . . . . . . . *USRPRF Name, *USRPRF Library . . . . . . . . . . . Name, *LIBL, *CURLIB Delivery . . . . . . . . . . . . *NOTIFY *NOTIFY, *BREAK, *HOLD, *DFT Severity code filter . . . . . . 0 0-99 Print device . . . . . . . . . . *WRKSTN Name, *WRKSTN, *SYSVAL Output queue . . . . . . . . . . *WRKSTN Name, *WRKSTN, *DEV Attention program . . . . . . . *SYSVAL Name, *NONE, *SYSVAL, *ASSIST More... F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys Figure 11-7: Prompted version for command CRTUSRPRF (screen 3 of 4). Understanding AS/400 System Operations

Create User Profile Screen 4 Create User Profile (CRTUSRPRF) Type choices, press Enter. Sort sequence . . . . . . . . . *SYSVAL Name, *SYSVAL, *HEX... Library . . . . . . . . . . . Name, *LIBL, *CURLIB Language ID . . . . . . . . . . *SYSVAL *SYSVAL... Country ID . . . . . . . . . . . *SYSVAL *SYSVAL... Coded character set ID . . . . . *SYSVAL *SYSVAL, *HEX... Character identifier control . . *SYSVAL *SYSVAL, *DEVD, *JOBCCSID Locale job attributes . . . . . *SYSVAL *SYSVAL, *NONE, *CCSID... + for more values        Locale . . . . . . . . . . . . . *SYSVAL User options . . . . . . . . . . *NONE *NONE, *CLKWD, *EXPERT... User ID number . . . . . . . . . *GEN 1-4294967294, *GEN Group ID number . . . . . . . . *NONE 1-4294967294, *NONE, *GEN Home directory . . . . . . . . . *USRPRF More... F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys Figure 11-9: Partial prompted version for command CRTUSRPRF (screens 4 of 4). Understanding AS/400 System Operations

Object Security Screen 1 Edit Object Authority Object . . . . . . . : MSTFLE Owner . . . . . . . : NEWGRP Library . . . . . : MDAWSON Primary group . . . : *NONE Object type . . . . : *FILE Type changes to current authorities, press Enter. Object secured by authorization list . . . . . . . . . . . . *NONE Object User Group Authority NEWGRP *ALL *PUBLIC *CHANGE Figure 11-10: Displaying object authority on MSTFLE. Understanding AS/400 System Operations

Object Security Screen 2 Edit Object Authority Object . . . . . . . : MSTFLE Owner . . . . . . . : MDAWSON Library . . . . . : MDAWSON Primary group . . . : *NONE Object type . . . . : *FILE Type changes to current authorities, press Enter. Object secured by authorization list . . . . . . . . . . . . *NONE Object User Group Authority NEWGRP *ALL MDAWSON *CHANGE *PUBLIC *CHANGE Figure 11-11: Displaying object MSTFLE’s authorities. Understanding AS/400 System Operations

Object Security Screen 3 Edit Object Authority Object . . . . . . . : MSTFLE Owner . . . . . . . : MDAWSON Library . . . . . : MDAWSON Primary group . . . : NEWGRP Object type . . . . : *FILE Type changes to current authorities, press Enter. Object secured by authorization list . . . . . . . . . . . . *NONE Object User Group Authority NEWGRP *ALL MDAWSON *CHANGE *PUBLIC *CHANGE Figure 11-11: Displaying object MSTFLE’s authorities. Understanding AS/400 System Operations

Edit Object Authority Understanding AS/400 System Operations Edit Object Authority (EDTOBJAUT) Type choices, press Enter. Object . . . . . . . . . . . . . OPRLIB Name Library . . . . . . . . . . . *LIBL Name, *LIBL, *CURLIB Object type . . . . . . . . . . *LIB *ALRTBL, *AUTL, *BNDDIR... Bottom F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys Figure 11-13: The Edit Object Authority screen. Understanding AS/400 System Operations

OPRLIB Object Authorities Edit Object Authority Object . . . . . . . : OPRLIB Owner . . . . . . . : HOHLY#M Library . . . . . : QSYS Primary group . . . : *NONE Object type . . . . : *LIB Type changes to current authorities, press Enter. Object secured by authorization list . . . . . . . . . . . . *NONE     Object User Group Authority HOHLY#M *ALL____ QSYSOPR USER DEF OPR0060 *CHANGE_ OPR0059 *USE____ *PUBLIC *EXCLUDE Bottom F3=Exit F5=Refresh F6=Add new users F10=Grant with reference object F11=Display detail object authorities F12=Cancel F17=Top F18=Bottom Figure 11-14: Object authorities of the OPRLIB. Point out that different uses have authorities to this object. The authorities show are predefined authorities. Next screen we will define authorities. Understanding AS/400 System Operations

OPRLIB Object Authorities Edit Object Authority Object . . . . . . . : OPRLIB Owner . . . . . . . : HOHLY#M Library . . . . . : QSYS Primary group . . . : *NONE Object type . . . . : *LIB Type changes to current authorities, press Enter. Object secured by authorization list . . . . . . . . . . . . *NONE     Object ----------Object----------- User Group Authority Opr Mgt Exist Alter Ref HOHLY#M *ALL X X X X X QSYSOPR USER DEF X _ _ _ _ OPR0060 *CHANGE X _ _ _ _ OPR0059 *USE X _ _ _ _ *PUBLIC *EXCLUDE _ _ _ _ _ Bottom F3=Exit F5=Refresh F6=Add new users F10=Grant with reference object F11=Display data authorities F12=Cancel F17=Top F18=Bottom Figure 11-15: Object authorities of the OPRLIB. Point out the object authorities associated to the pre-defined authorities. Understanding AS/400 System Operations

OPRLIB Object Authorities Edit Object Authority Object . . . . . . . : OPRLIB Owner . . . . . . . : HOHLY#M Library . . . . . : QSYS Primary group . . . : *NONE Object type . . . . : *LIB Type changes to current authorities, press Enter. Object secured by authorization list . . . . . . . . . . . . *NONE     Object ---------------Data--------------- User Group Authority Read Add Update Delete Execute HOHLY#M *ALL X X X X X QSYSOPR USER DEF X _ _ _ _ OPR0060 *CHANGE X X X X X OPR0059 *USE X _ _ _ X *PUBLIC *EXCLUDE _ _ _ _ _ Bottom F3=Exit F5=Refresh F6=Add new users F10=Grant with reference object F11=Nondisplay detail F12=Cancel F17=Top F18=Bottom Figure 11-15: Data authorities of the OPRLIB. Point out the data authorities associated to the pre-defined authorities. Understanding AS/400 System Operations

Sample Authorization List Edit Authorization List Object . . . . . . . : MCAUTLST Owner . . . . . . . : PGM Library . . . . . : QSYS Primary group . . . : *NONE Type changes to current authorities, press Enter. Object List User Authority Mgt PGM *ALL X BWEBER *USE _ HOHLY#M *ALL____ _ *PUBLIC *EXCLUDE _ Figure 11-17: Sample authorization list, MCAUTLST, displayed using the EDTAUTL command. Understanding AS/400 System Operations

Authorization List Objects Display Authorization List Objects Authorization list . . . . . . . . : MCAUTLST Library . . . . . . . . . . . . : QSYS Owner . . . . . . . . . . . . . . : PGM Primary group . . . . . . . . . . : *NONE Primary Object Library Type Owner group Text ONERPGPGM MDAWSON *PGM PGM *NONE One RPG program STARTUP MDAWSON *PGM PGM *NONE PROGRAM to start sub Figure 11-17: Result of pressing F15 from Figure 11-17—EDTAUTL. Objects that use the authorization list MCAUTLST. Understanding AS/400 System Operations

Understanding AS/400 System Operations Object Authority Edit Object Authority Object . . . . . . . : STARTUP Owner . . . . . . . : PGM Library . . . . . : MDAWSON Primary group . . . : *NONE Object type . . . . : *PGM Type changes to current authorities, press Enter. Object secured by authorization list . . . . . . . . . . . . MCAUTLST Object User Group Authority JJCRONEY *ALL     *GROUP PGM *ALL     *PUBLIC *EXCLUDE Figure 11-19: Object authority from object viewpoint. Understanding AS/400 System Operations