What are the violation types for the 'All Authority Failures' report in System Auditing and Reportin (NETIQKB31173)

  • 7731173
  • 02-Feb-2007
  • 17-Jul-2014

Environment

NetIQ Security Solutions for iSeries 8.x
VigilEnt Security Agent for iSeries PSAudit 7.x
System Auditing and Reporting (SAR)
PSAudit
All Authority Failures Report

Situation

What are the violation types for the 'All Authority Failures' report in System Auditing and Reporting?

Resolution

The following is a list of violation types that may be returned on the 'All Authority Failures' report:

A = Not authorized to object
B = Restricted instruction (see Note 1)
C = Validation failure  
D = Use of unsupported interface, object domain failure
E = Hardware storage protection error, program constant space violation
F = ICAPI authorization error
G = ICAPI authentication error
H = Scan exit program action 
I = System Java inheritance not allowed (See Note 2)
J = Attempt made to submit or schedule a job under a job description which has a user profile specified and the submitter does not have *USE authority to the job description's user profile.
K = a user created as *USER with no special authority produces AF/K security audit journal entries when an MI instruction is issued (may be imbedded in a called program).
N = Profile token not a regenerable token
O = Optical Object Authority Failure
P = Profile swap error - ttempt is made to use a user profile handle that is not valid on the QWTSETP API.
R = Hardware protection error
S = Default sign-on - attemptt is made to sign on without entering a user ID or password.
T = Not authorized to TCP/IP port
U = User permission request not valid
V = Profile token not valid for generating new profile token
W = Profile token not valid for swap
X = System violation ? see J5 offset 723 for violation codes
Y = Not authorized to the current JUID field during a clear JUID operation.
Z = Not authorized to the current JUID field during a set JUID operation.
 

Note 1  A restricted instruction usually means that someone is trying to access a MI (Machine instruction) from a command line.
This also means that the security level on the machine (system value QSECURITY) is set to 40 or higher and does not allow any restricted instructions.

Note 2 The Java class object being created may not extend its base class because the base class has system Java attributes.



Additional Information

Formerly known as NETIQKB31173

Feedback service temporarily unavailable. For content questions or problems, please contact Support.