Authorization lists are a powerful tool for the management of security. Authorization list is a list of 2 or more user IDs & their authorities for system resources. Authorization list grant users (or groups) the same authority to multiple objects.
Authorization list reduces the number of private authorities stored in *usrprf object. The system identifies it as an object type *autl.
Note: The only drawback in authorization list is that they are only restored when restoring all profiles.
CRTAUTL command creates the authorization list
Eg: CRTAUTL AUTL(List1)
GRTOBJAUT command allows to associate the authorization list with the files (i.e, to determine which objects should be secured with authorization list)
Eg: GRTOBJAUT OBJ(Lib1/*ALL) OBJTYPE(*FILE) AUTL(List1)
By running above example, you are adding all files in library Lib1 to authorization list List1
ADDAUTLE command allows you to grant users the authority to the lists.
Eg: ADDAUTLE AUTL(List1) USER(Rahsin) AUT(*USE)
By running above example, you are giving USE authority to the user Rahsin for the authorization list List1
EDTAUTL command allows you to add and remove users from the list, and specify their authority to the list.
DLTAUTL command allows you to delete an authorization list.
DSPAUTL command allows you to display an authorization list.
WRKAUTL (Work with Authorization Lists) Command allows you to work with authorization lists. With this command, you can display, edit, delete, display the list's objects, or change the text for an authorization list.
Eg: WRKAUTL AUTL(*all) - It lists of all the authorization lists that you either own or have authority to see is shown.
Authorization list reduces the number of private authorities stored in *usrprf object. The system identifies it as an object type *autl.
Note: The only drawback in authorization list is that they are only restored when restoring all profiles.
Authorization List Commands
CRTAUTL command creates the authorization list
Eg: CRTAUTL AUTL(List1)
GRTOBJAUT command allows to associate the authorization list with the files (i.e, to determine which objects should be secured with authorization list)
Eg: GRTOBJAUT OBJ(Lib1/*ALL) OBJTYPE(*FILE) AUTL(List1)
By running above example, you are adding all files in library Lib1 to authorization list List1
ADDAUTLE command allows you to grant users the authority to the lists.
Eg: ADDAUTLE AUTL(List1) USER(Rahsin) AUT(*USE)
By running above example, you are giving USE authority to the user Rahsin for the authorization list List1
EDTAUTL command allows you to add and remove users from the list, and specify their authority to the list.
DLTAUTL command allows you to delete an authorization list.
DSPAUTL command allows you to display an authorization list.
WRKAUTL (Work with Authorization Lists) Command allows you to work with authorization lists. With this command, you can display, edit, delete, display the list's objects, or change the text for an authorization list.
Eg: WRKAUTL AUTL(*all) - It lists of all the authorization lists that you either own or have authority to see is shown.