Unable to find some profile change transactions in the 'Changes to User Profiles' report. (NETIQKB31333)

  • 7731333
  • 02-Feb-2007
  • 08-Oct-2007


VigilEnt Security Agent for iSeries 5.4/7.0

VigilEnt Security Agent for AS/400 5.3/6.3

Unable to find some profile change transactions in the 'Changes to User Profiles' report.

User profiles were changed without explanation.

Changing to a Security Level 30 from a lower level may yield such results.


VigilEnt Security Agent for iSeries does not automatically change any user profile after an initial program load (IPL). When your system is changed to a Security Level 30 from a Lower Level, the system can change some user profiles after the next IPL. IBM does not write these changes to the auditing journal during this process; therefore, reports such as 'Changes to User Profiles' cannot return data regarding the changes made. For additional information about changing to Security Level 30 from a Lower Level, access the following link provided by IBM. 


Special authorities are added to and removed from user profiles to match the default special authorities for the user class. For example, *ALLOBJ special authority is removed from all user profiles except those with a user class of *SECOFR.

In addition to the security provided at Level 20, Level 30 provides the following security functions: 
  • Users must be specifically given authority to use resources on the system.
  • Only user profiles created with the *SECOFR security class are given *ALLOBJ special authority automatically.

Additional Information

Formerly known as NETIQKB31333