Versions Compared

Old Version 2

changes.mady.by.user IT Stonebranch

Saved on

compared with

New Version Current

changes.mady.by.user Stonebranch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

<ul> <li>

  • Installation
  • library,
  • UNVPRD510
  • (by
  • default)
<li>
  • Product
  • temporary
  • library,
  • UNVTMP510
<li>
  • Universal
  • spool
  • library,
  • UNVSPL510
</ul>

For maximum security, only trusted accounts (administrators and the UNVUBR510 user profile) should have management, existence, alter, add, update or delete authority to these objects. As a reminder, the system value QCRTAUT controls public access authority to created objects unless overridden by specific commands.

IBM i

Object Permissions
 
Only administrator accounts should have write permission to the following Universal Agent libraries (and all objects within these libraries):

Html bobswift

z/OS

Data Set Permissions
 
Only trusted user accounts should have write permission to the Universal Data Mover Server installation data sets. No general user access is required.

...

Universal Data Mover Server User Profile

...


IBM i

If user security is activated, the UDM Server for IBM i requires, by default, *ALLOBJ authority to switch user profiles. This *ALLOBJ authority requirement may be removed. The UDM Server initially inherits authority from the UNVUBR510 user profile. Following the switch to the user profile, the UDM Server runs under the authority of the user initiating the data transfer.
 
The UNVUBR510 user profile requires *SPLCTL authority in order to provide Universal Submit Job with job logs in specific limited situations. The *SPLCTL authority requirement can be removed. Removing *SPLCTL from the UNVUBR510 user profile may prevent the job log processing in limited situations.
 
(See Universal Broker User Account for information on removing the *ALLOBJ and *SPLCTL authorities.)

...