AS/400 >> Granting *EXCLUDE authority to file with SQL?

by ritting » Fri, 30 Jul 2004 04:07:39 GMT

Is it possible to grant *EXCLUDE authority to a file using SQL?
Our files are set to *ALL to *PUBLIC

I found that a REVOKE ALL ON filename to Username does not put the
username in the authority list with *EXCLUDE - it removes the user
from the list.

I would like to know this so I can do a bulk exclude on a user for a
lot of files. I am more comfortable with SQL than CL.

thanks, Andy

Similar Threads

1. DB2-SQL questions (grant...)

2. Adopted authority together with Dynamic SQL


We had a small authorization problem with a user who ran a program,
which uses dynamic SQL (Prepare statement) under adopted authority.
An error message (SQL0551) appeared saying there wasn't enough

To solve this problem I found out that the "Dynamic user profile"
parameter (DYNUSRPRF) in the CRTSQLRPGI command, should be set to
*OWNER in stead of the default *USER.
In this case dynamic SQL statements are run under the profile of the
program's owner.

Since our whole system runs under adopted authority, we're thinking
about compiling all our SQL-programs with DYNUSRPRF(*OWNER)
Also the ones which only use static SQL.

Is there anyone who can tell me if this can cause problems?

Thanks in advance

3. authority to read configuration file /www/apachenew/conf/httpd.conf - AS/400

4. Using reference object for newly create file authorities

Hi everyone,

We're having problems getting newly created objects to have the
correct permissions. The approach we use has been in use for over 10
years and is supposed to handle newly created objects. However when we
really looked at it recently it just did not seem to be working.

Here's what we've been doing. We use group profiles and referenced
objects to give *ALL authority to members of the group that needs to
use our software. Existing objects are getting the correct authorities

*GROUP      FAC01       *ALL

while newly created objects do not have any reference to the group.

Here is the command to create the referenced object:
Here are the authorities for the reference object.

 User        Group       Authority
 DINA                             *ALL
 *GROUP   FAC01       *ALL
 *PUBLIC                     *USE

We then execute the following command:
Following are the authorities for a file that existed when the above
command executed

 User        Group       Authority
 DINA                           *ALL
 *GROUP  FAC01      *ALL
 *PUBLIC                    *USE

On the other hand authorities for a newly created file by user in
FAC01 group DO NOT refer to the group and *PUBLIC has been changed
from *USE to *CHANGE

User        Group       Authority
MAGNAL                  *ALL
*PUBLIC                 *CHANGE

What do we need to do to get newly created objects to use the
reference object for it's authorities?



5. Print the Authority of LIB and Files ?? - AS/400

6. User read only authority over files on a library

I have just created a library with QSECOFR named let's say MYLIB

Edited MYLIB authorities with EDTOBJAUT and added  NEWUSER with *USE 

*PUBLIC authority is set to*CHANGE

Then created a couple of files with QSECOFR.

Now,  NEWUSER, is able to add or modify records of any file in MYLIB with 
for instance , DFU! , but is not able to change CHGPF FILE(MYLIB/MYFILE) 
MAXMBRS(*NOMAX) which for me is  is OK

I intended that NEWUSER, could only read files on MYLIB by setting the 
library MYLYB  with NEWUSER *USE authority.

NEWUSER does not belong to any group nor has *ALLOBJ  nor MYLIB is protected 
by any athoritation list.

Am I missing something ?

Thanks in advance.

7. Why the object's *PUBLIC authority is changed to *EXCLUDE after restore the object(s)? - AS/400

8. Difference between two dates excluding weekends with Query


I'm wondering if it's possible two calculate the difference between two
dates, excluding weekends, in a Query