Authority failures are the result of attempts (i.e., actions) to access objects to which a user profile is not authorized. Several IBM i features, such as job logs and QHIST, contain some authority failure information. However, the system audit journal has all the information you need, and the OS provides easy-to-use tools to help you quickly find it. These tools are the audit configuration system values, the CPYAUDJRNE command, and the STRSQL command.

Audit System Values

To begin auditing authority failures, configure three system values: QAUDCTL, QAUDLVL, and QAUDLVL2. QAUDCTL is an on/off switch for auditing specific objects, specific user

If you’ve worked in IT for more than 15 minutes, you’ve undoubtedly been asked, “How hard would it be to. . . ?” The people who depend on the systems we support are constantly thinking of new and better ways to make information systems more closely resemble the reality of business. Every little thing you can do to ease the effort to modify software is worth doing. Here are two extremely simple ways to reduce the amount of effort required to change the length of a character data area.

Consider a data area, FacInfo (Facility Info), that contains one item

System auditors generally don’t like i OS vendor-supplied profiles. You know, those user profiles that vendors require for software installation, ownership, or running special jobs. Some vendors even require you to give these profiles security officer (*SECOFR) or security administrator (*SECADM) authority. This can create audit points because auditors generally don’t like excessive security officer-enabled profiles on the system. Here are two strategies for handling this situation.

What Is a Vendor-Supplied User Profile?

A vendor-supplied user profile is any profile that exists on your i OS system in order to load software objects, or run vendor programs. It may also