Restricted Access to SST
November 2, 2005 Hey, Wayne O
I want to set up two users to access the Start System Service Tools (STRSST) command. Is there a way to set them up so they can not change anything–that is, in view only mode? I want them to access the Analyze Log function only.
–Reza
I have good news for you. IBM added some additional controls in V5R2 to provide the exact function you want.
As a security officer, start SST. This will require you to enter the SST password, which is case sensitive. Then, take the following actions:
1. Create SST profiles for the two users. I recommend using the same name as the user profiles and assigning a password to their use of SST. The password is case sensitive.
2. Using SST as the security officer, you can allow the users selected functions of SST. You would want to allow the Analyze Log function, but no other functions.
–Wayne O. Evans
Security articles authored by Wayne O. Evans can be found on his Web site, www.woevans.com. Click here to contact Wayne O. Evans by e-mail.
|
