VigilEnt Security Agent for iSeries 5.4/7.0
VigilEnt Security Agent for AS/400 5.3/6.3
Unable to findÂ some profileÂ change transactionsÂ in the 'Changes to User Profiles' report.
User profiles were changed without explanation.
Changing to a Security Level 30 from a lower level may yield such results.
VigilEnt Security Agent for iSeries does not automatically change any user profile after an initial program load (IPL). When your system is changed toÂ a Security Level 30 from a LowerÂ Level, the system can change some user profiles after the next IPL.Â IBM does notÂ write these changes toÂ the auditing journal during this process; therefore, reports such as 'Changes to User Profiles' cannotÂ return data regarding the changes made. For additional information about changing to Security Level 30 from a Lower Level, access the following link provided by IBM.Â
Special authorities are added to and removed from user profiles to match the default special authorities for the user class. For example, *ALLOBJ special authority is removed from all user profiles except those with a user class of *SECOFR.
In addition to the security provided at Level 20, Level 30 provides the following security functions:Â
- Users must be specifically given authority to use resources on the system.
- Only user profiles created with the *SECOFR security class are given *ALLOBJ special authority automatically.