Re: MCH1001 in S36EE Mode At Security Level 20 -- MIDRANGE-L

On 28/01/2010, at 7:31 AM, Rich Loeber wrote:

The question is, why are they having object authority issues when they are
still running at level 20. The whole point of this was to trap any such
errors in advance and get them corrected before making the change from
level 20 to level 30. The IBM documentation recommends this approach.

What am I missing?

You are missing the fact that level 20 doesn't really ignore authority--it simply sets all new user profiles to have *ALLOBJ. It's the *ALLOBJ setting that avoids authority issues. By removing that from the profiles you have effectively instated object-level authority checks. Because some users are not authorised to the objects they need you get authority problems.

So, as recommended, you are now experiencing (i.e., trapping) authorisation failures and can correct them.

Regards,
Simon Coulter.
--------------------------------------------------------------------
FlyByNight Software OS/400, i5/OS Technical Specialists

http://www.flybynight.com.au/
Phone: +61 2 6657 8251 Mobile: +61 0411 091 400 /"\
Fax: +61 2 6657 8251 \ /
X
ASCII Ribbon campaign against HTML E-Mail / \
--------------------------------------------------------------------

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.