Re: Question about Groups usage on the AS400/i -- MIDRANGE-L

Group profiles are a great way to maintain authorization to "groups" of objects.
Also, using authorization lists in combination with Groups works too.

I.e. We use Groups for Menu Access. We authorize menu options by Groups. When a new user is provisioned, we simply add the required group or groups to their profile and they get the access they need without any further maintenance.

From a system object level, you can use Groups in combination with Authority lists to secure the system effectively.

Gavin.

On 5/13/2025 12:59 PM, Kristen Henry wrote:

Hi,

I am a long time 38/AS400/iSeries developer and have a client that develops software for user provisioning across many different system types. They are adding the ability to add users and remove users to/from Groups.

In my experience on the iSeries, groups are set up with Q type user level and other access to give authorities to a Group, and the GROUP NAME is added/removed to a user profile to give the Authority.

Is anyone using Groups to add/remove the user profile names to the groups themselves? In this example I imagine the group name would not then be added to the user profile... In my experience no, but it looks possible, and other system types work this way.

Please share with me so I can give accurate guidance to my client.

Thanks,

Kristen Henry

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.