Profile ZENDADMIN

General discussion on Zend Server for IBM System i

Profile ZENDADMIN

Postby mlladigue on Wed Jan 30, 2013 10:30 pm

Hi all,

Is there any issue if I change the userprofile ZENDADMIN to have the initial menu to *SIGNOFF ?

Thanks in advance for your answer.

Marie
mlladigue
 
Posts: 1
Joined: Thu Apr 12, 2012 8:37 pm

Re: Profile ZENDADMIN

Postby timo_karvinen on Thu Jan 31, 2013 9:42 am

Hi.

Don't hold me to this, but if I recall correctly we have successfully done so on some of our customers machines.
This shouldn't have any real effect for two reasons:
- The profile is not supposed to be used to login interactively.
- The default configuration has the profile without password, so as long as you have not defined password for it, it can't be used to login interactively anyway.

-Timo
timo_karvinen
 
Posts: 82
Joined: Wed Aug 12, 2009 7:58 am
Location: Tampere, Finland

Re: Profile ZENDADMIN

Postby zend_i5 on Tue Feb 05, 2013 7:00 am

ZENDADMIN user profile only function is to own the ZENDSVR library. So there is no problem to remove sign-on option. You could also change ZENDADMIn user class to *SYSOPR and remove *SECADM special authority
zend_i5
 
Posts: 158
Joined: Mon Mar 23, 2009 5:22 pm

Re: Profile ZENDADMIN

Postby adominguez24 on Wed May 15, 2013 4:59 pm

Hello there,

For audit purposes our company would like to remove *ALLOBJ authority for this profile (ZENDADMIN). When we did, it seemed to have affected some of our apps that used the i5 Toolkit. I know we should be replacing the i5 Toolkit with the XML Toolkit but at the moment, we don't have the resources to do that. Is there a way to remove *ALLOBJ authority without having any ill affects?


Cheers.
adominguez24
 
Posts: 19
Joined: Tue Jun 29, 2010 8:14 pm

Re: Profile ZENDADMIN

Postby adominguez24 on Wed May 29, 2013 4:33 pm

Can anyone help me out with this?
adominguez24
 
Posts: 19
Joined: Tue Jun 29, 2010 8:14 pm

Re: Profile ZENDADMIN

Postby shlomov on Tue Mar 07, 2017 12:03 pm

ZENDADMIN, requires the - *ALLOBJ *JOBCTL *SPLCTL special authority.
ZENDADMIN, needs the authority to start the Zend Processes/Components.

ZENDADMIN does not need to be associated with user class *SECOFR and can use other user classes as long as "Special authority . . . . . . . SPCAUT"
is set with above special authority listed.

Remember password is not available(blank) and the user is used internally within the server.
Local password management . . . . . . . . : *NO

Our directories and product programs are accessed by QSECOFR/QTMHHTTP all others excluded.
*PUBLIC *EXCLUD
QTMHHTTP *RWX
QSECOFR *RWX
Shlomo Vanunu
IBM System i
User avatar
shlomov
Zend Global Support
 
Posts: 137
Joined: Mon Dec 29, 2008 2:38 pm


Return to Zend Server for IBM i

Who is online

Users browsing this forum: No registered users and 1 guest