Agreed...its a stoopid way to setup a software package. Too
bad its our main ERP system! There is a move afoot to get
to another package but I won't speculate on when that will
happen based on the money already spent to get 1/2 way there ;-)

I think we will save the security data using SAVSECDTA
(probably to a SAVF) just prior to doing the upgrade and
then once we have 7.2 installed we'll restore all the
profiles and run RSTAUT - just like we would have to do
during a recovery. It should bring us back to "normal"

Thanks for the feedback.

Have a nice holiday weekend!

Terry


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jim Oberholtzer
Sent: Friday, May 25, 2018 11:35 AM
To: 'Midrange Systems Technical Discussion'
Subject: [EXTERNAL] RE: Authority Restoration During an Upgrade (6.1 -> 7.2)

Since you did not RSTUSRPRF *ALL the RSTAUT would not have done anything
anyway, I suspect you problem lies elsewhere. The method of upgrade is
irrelevant in this case.

It sounds like a profile has private authorities to commands in QSYS. Since
those objects are replaced during the upgrade the private authorities
clearly would not be there any longer since the object is gone (replaced).


You'll need to get the script used in the installation to set those
authorities and re-run that part of the installation.

I won't even start on the lack of wisdom in doing what the vendor apparently
did. I was taught a phrase long ago: "Ignorance can be fixed, stupid is
forever". The vendor was stupid, therefore assuming the ability to do so,
find another vendor.


--
Jim Oberholtzer
Agile Technology Architects


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Winchester Terry
Sent: Friday, May 25, 2018 10:11 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: Authority Restoration During an Upgrade (6.1 -> 7.2)

We recently upgraded our Test system LPAR from V6R1 to V7R2.

Everything seemed to have worked fine with the exception of one software
package. It was failing for security reasons...then we discovered that a
generic profile it uses had access to many QSYS objects/commands.

We didn't see anything in the upgrade guide indicating that a RSTAUT was
needed nor could we find anything security-related that was missed during
the upgrade. We performed the upgrade using the DVD optical
drive...disk-by-disk.

I am thinking that if we had done a RSTAUT at the end of the upgrade (but
before a SAVSYS) that we might have avoided this problem. OTOH, I'm not sure
where the RSTAUT would get its information from if we didn't restore user
profiles from a prior backup.

Dummy me...I thought we might be able to do a SAVSECDTA to a *SAVF and then
use that to do a RSTAUT...but that does not appear to be a viable method.

Anyway, before we begin to think about upgrading our Production LPAR...I was
hoping someone might have some thoughts about where we went wrong -or- what
we should have done different.

Thanks for any input :)

----------------------------------------------------------------------
Confidentiality Notice: The preceding e-mail message (including any
attachments) contains information that may be confidential, protected by
applicable legal privileges, or constitute non-public information. It is
intended to be conveyed only to the designated recipient(s). If you are not
an intended recipient of this message, please notify the sender by replying
to this message and then delete it from your system. Use, dissemination,
distribution or reproduction of this message by unintended recipients is not
authorized and may be unlawful.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.midrange.com_mailman_listinfo_midrange-2Dl&d=DwICAg&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZE7OpWXXY&r=LD1savGZ6Gc4gIcG9yLPnyfe5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE_W4OjS4zVDcUk1PSZQ3QXzksqk&s=_GG7yl5fjb_q7VHu_T4Nu4BoPFqvw0MIA3tYuRZl5iQ&e=
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at https://urldefense.proofpoint.com/v2/url?u=https-3A__archive.midrange.com_midrange-2Dl&d=DwICAg&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZE7OpWXXY&r=LD1savGZ6Gc4gIcG9yLPnyfe5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE_W4OjS4zVDcUk1PSZQ3QXzksqk&s=kzvSk_NEHurDVZydVI9uT4_veaj1LM6plVz9YJ9TjII&e=.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link:
https://urldefense.proofpoint.com/v2/url?u=http-3A__amzn.to_2dEadiD&d=DwICAg&c=usKnhNfiA3SpEGkR2TubeV6I5jE5rze8vzZE7OpWXXY&r=LD1savGZ6Gc4gIcG9yLPnyfe5Wy5IgPnRmF3qDwpJN4&m=n9fVUKwcbO9rVaMlE_W4OjS4zVDcUk1PSZQ3QXzksqk&s=pdpOBENhrIbQrLC6tL2abyOWmAyC6_NltZiDuexPBpc&e=


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.