Environment
NetIQ Security Solutions for iSeries
NetIQ Security Solutions for iSeries 8.0
PSSecure 8.0
Secure File Editor (SFE)
NetIQ Security Solutions for iSeries PSSecure 8.0
Situation
Resolution
To authorize a user to the Secure File Editor, without granting authority to all of PSSecure, refer to the following:
1. Access a command entry line.
2. Type GRTOBJAUT OBJ(PSSECURE/DBA) OBJTYPE(*CMD) USER(user) AUT(*USE), where user is the user profile being authorized, press Enter.
3. Type GRTOBJAUT OBJ(QGPL/DBA) OBJTYPE(*CMD) USER(user) AUT(*USE), press Enter.
4. Type GRTOBJAUT OBJ(PSCOMMON/CNDHNDLR) OBJTYPE(*SRVPGM) USER(user) AUT(*USE), press Enter.
5. Type ADDAUTLE AUTL(PSSECURE) USER(user) AUT(*USE) , press Enter.
6. If *PUBLIC does not have *USE authority to PSSLIB in QGPL, then:
7. Type GRTOBJAUT OBJ(QGPL/PSSLIB) OBJTYPE(*DTAARA) USER(user) AUT(*USE), press Enter.
Adding the user to authorization list PSSECURE is not sufficient to run PSSecure functions via the SMS menu system, but the user would be able to directly change database files in PSSECURE using command DBA, but this is the only way to provide access to DBA command without providing access to PSSecure functions.
Additional Information