.st0{fill:#FFFFFF;}

Adopt User Authority at Runtime 

 December 14, 2012

By  NickLitten

More questions about adopting authority on IBM i Systems. So lets #discuss šŸ˜‰

Adopt User Authority at Runtime

Question: I have a batch job which is run by the user but needs to use a file with security denied to the user. Somewhere I heard or read about adopt authority, which would allow the job to use the file if the adopted authority was granted

Answer 1. Happens all the time in packaged software. Change the owner of the program to a profile that would have authority, then use the change program command with adopt authority *yes and usrprf *owner.

CHGOBJOWN OBJ(PROGRAM) OBJTYPE(*PGM) NEWOWN(QSECOFR) CUROWNAUT(*SAME)
CHGPGM PGM(PROGRAM) USRPRF(*OWNER) USEADPAUT(*YES)

Question: While doing some testing I found several system facilities that ignore adopted authority, several areas have work-arounds, but triggers in particular do not. At this point I suspect that adopted authority is only viable in a discrete application. Does anyone know where I can find a list of system supplied programs and functions that ignore adopted authority? Are there any other ways to end adoption other than the specifying USEADPAUT(*NO) on the program or MODINVAU MI instruction? If there are no other ways to end adoption, is possible to find all programs that use MODINVAU? (4/2000)

Answer: To find out programs that use MODINVAU, try this command DSPPGMREF. NOTE: SQL ignores adopted authority unless it uses the DYNUSER value at runtime.

NickLitten


IBM i Software Developer, Digital Dad, AS400 Anarchist, RPG Modernizer, Shameless Trekkie, Belligerent Nerd, Englishman Abroad and Passionate Eater of Cheese and Biscuits. Nick Litten Dot Com is a mixture of blog posts that can be sometimes serious, frequently playful and probably down-right pointless all in the space of a day. Enjoy your stay, feel free to comment and remember: If at first you don't succeed then skydiving probably isn't a hobby you should look into.

Nick Litten

related posts:

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}
__CONFIG_colors_palette__{"active_palette":0,"config":{"colors":{"cff50":{"name":"Main Accent","parent":-1},"a344d":{"name":"Accent Transparent","parent":"cff50"}},"gradients":[]},"palettes":[{"name":"Default","value":{"colors":{"cff50":{"val":"var(--tcb-skin-color-0)"},"a344d":{"val":"rgba(46, 138, 229, 0.85)","hsl_parent_dependency":{"h":210,"l":0.54,"s":0.78}}},"gradients":[]},"original":{"colors":{"cff50":{"val":"rgb(0, 178, 255)","hsl":{"h":198,"s":1,"l":0.5}},"a344d":{"val":"rgba(0, 178, 255, 0.85)","hsl_parent_dependency":{"h":198,"s":1,"l":0.5}}},"gradients":[]}}]}__CONFIG_colors_palette__

Get In Touch

Iā€™m always looking for awesome input, feedback and critique!

>