Security

A User must specify a valid IBM i (iSeries) User ID and password within Surveyor/400 to connect to an iSeries system. Surveyor/400 will honor any existing OS/400 user authorities specified for the objects and libraries on the system. In other words, if a User is not authorized to an object on the system, then they will not be able to access this object through Surveyor/400.

In addition to normal OS/400 User security and object authorities, Surveyor/400 provides an additional layer of security called “User Access”. This User Access feature allows designated Surveyor/400 administrators to control which Surveyor/400 features and iSeries libraries each User has access to.

Each iSeries machine (or LPAR) is configured with its own User Access settings. For instance, a Surveyor/400 User could be granted User Access rights to modify database records on a Development iSeries, but can be restricted from modifying database records on a Production iSeries.

A Surveyor/400 User can either be configured with its own authority or the user can adopt its authority from a User Group.

The Surveyor/400 User Access feature can be accessed by right-clicking an iSeries system within the Visual Tree, then selecting the ‘User Access’ option.

Demonstrates the security settings for a particular user

General security:

	Designate Surveyor/400 administrator(s) who can grant/deny features for other users
	Restrict access to Surveyor/400 product
	Set the library list for a user id - user is then restricted to those libraries if checkmark is removed from the Modify Library option
	Restrict access o running commands

File Editor security:

	Restrict access to the File Editor feature
	Restrict File Editor usage to "view only"
	Restrict mass delete
	Restrict mass updates
	Indicate if the user can utilize File Editor Layouts which have public authority.

File Editor Audit: An audit trail can be created by Surveyor/400 to log any records which a user adds, changes or deletes through the File Editor.

Choose and Output Queue or Database file for the audit.

IFS (Integrated File System) security:

	Restrict IFS access to Read access
	Restrict IFS access to Write access

SQL security:

	Restrict access to SQL Queries
	Restrict access to SQL Updates/Deletes/Inserts
	Restrict access to SQL Procedure Calls
	Restrict access to SQL Database Maintenance
	Log SQL activity.

Data Transfer security:

	Restrict access to Exporting
	Restrict access to Importing
	Restrict access to FTP
	Log transfer activity.

TN5250 security:

Restrict access to TN5250

Spooled Files security:

	Restrict access to all spooled files
	No access to all spooled files
	Restrict access to user's spooled files
	Restrict access to management activities, such as holding, releasing, deleting, and moving spooled files.
	Restrict access to exporting spooled files.

Data Areas:

Restrict access to editing data areas