Scribd
Upload
11 views

BCI433 LECTURE 2 (Practice)

Uploaded by

9558350162j
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
11 views

BCI433 LECTURE 2 (Practice)

Uploaded by

9558350162j
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Lecture 2 iSeries System Security

iSeries Security System

- The iSeries security system is built into the operating system, allowing for consistent security
between the operating system and other licensed programs. (There are several software
components available from IBM that extend the functions and capabilities of the system - licensed
program product).
- Security has three separate aspects:

1 - Physical security of the hardware

2 - Backup of the data files

3 - Prevention of unauthorized access to the data files.

- System values, security levels, assistance levels, user profiles, group profiles, and authorization
lists work together to allow the manipulation and control of data on the iSeries.

- Commands to use WRKSYSVAL, DSPSYSVAL

- WRKSYSVAL use Option 5 to display the value

- List type of Security Value to filter on *ALL, *SEC, *DATTIM etc

. Security System Values

QPWDMINLEN QPWDMAXLEN QPWDEXPITV


QDSPSGNINF QMAXSIGN QMAZSGNACN
QLMTDEVSSN QINACTIT QINACTMSGQ
QDSCJOBITV QUPSMSGQ QUPSDLYTIM
QPWRRSTIPL QSECURITY

. Security Levels

- System i supports five security levels. QSECURITY=10,20,30,40,50


- DSPSYSVAL (QSECURITY)

. Assistance Levels (QASTLVL)

- *BASIC *INTERMED *ADVANCED


- If the user signs off the system, the current assistance level for each display remains stored until
the user signs on and changes it.

. User Profile (*USRPRF) and Object Authorities

- The user profile is an object that defines system access for the user: what objects can be
accessed, what libraries can be used, what authorities are assigned, and what special groups the
user belongs.
- DSPUSRPRF (F4 , F1)
- The Current library is where any new objects that the user create reside by default.

- User classes:

*SECOFR *SECADM *PGMR *SYSOPR *USER

- Each user profile class has special default authorities based on the security level.

- Each object has authorities attached to the object.


*ALL *CHANGE *USE *EXCLUDE

Unix/Linux directory/file based authorities (Example)

Drwxrwxrwx

User+Group+Other

- A group profile (*GRPPRF) is similar to a user's profile except it gives the same set of authorities to
multiple users.

. Job Descriptions (*JOBD)

- A job description includes attributes such as where the job is executed, the priority of the job, the
printer to be used, and how message logging is to be handled.
- DSPJOBD F4

- Jobq attached to Sub-system

AS/400

Qinter (Interactive Subsystem)

- Jobd Canada

- Jobd Australia

- Jobd USA

. Outq Output Queue also the report is known as spool file

- Outq attached to printer


- Outq Canada
- Outq Australia
- Outq USA

. Message Queue

- Message queue is not attached to anything


. Library List

- The library list provides an effective method to help program locate objects on the system. (An
Example)
- DSPLIBL
- CHGCURLIB
- ADDLIBLE
- RMVLIBLE
- CHGLIBL
- EDTLIBL

Let’s create a new Library C436nn where nn is your login ID number

Add this library in your list

Make this library your current library

Change position of this library up/down of QGPL or QTEMP

///////////////

Wrksysval // for system values (Qmaxsign)

Dspusrprf // for viewing your profile

/////Library

Crtlib abcd9

Chgcurlib abcd9 // for changing cur lib

Edtlibl // shows all user lib

Dltlib abcd9 //for deleting permanently and first rmvlible abcd9 and then delete

You might also like