Authority levels for commands - Assure_DB2_Data_Monitor_(DB2MON) - Assure_Elevated_Authority_Manager_(EAM) - Assure_Encryption - Assure_Monitoring_and_Reporting_(AMR) - Assure_Secure_File_Transfer - Assure_Secure_File_Transfer_ - Assure_Secure_File_Transfer_PGP - Assure_Secure_File_Transfer_with_PGP - Assure_Security_Multi-Factor_Authentication_(MFA) - Assure_System_Access_Manager_(SAM) - Required_for_All_Modules - assure_ioptimize - assure_itera - assure_mimix - 10.0

License Manager for IBM i Products

Product type
Software
Portfolio
Integrate
Product family
Assure
Product
Assure Security > Required for All Modules
Assure Security > Assure Encryption
Assure iTERA
Assure MIMIX™ Software
Assure Security > Assure Secure File Transfer
Assure Security > Assure Elevated Authority Manager (EAM)
Assure Security > Assure DB2 Data Monitor (DB2MON)
Assure iOptimize
Assure Security > Assure Security Multi-Factor Authentication (MFA)
Assure Security > Assure Monitoring and Reporting (AMR)
Assure Security > Assure System Access Manager (SAM)
Assure Security > Assure Secure File Transfer with PGP
Version
10.0
Language
English
Product name
Assure
Title
License Manager for IBM i Products
Copyright
2023
First publish date
1999
ft:lastEdition
2024-07-02
ft:lastPublication
2024-07-02T13:03:21.227059

The following table shows the commands and menu interfaces within License Manager that can be controlled with security functions provided by Precisely. The right side of the table shows the minimum authority level needed for the command when you use the provided product authority or command authority.

Before using this information, you should note that:

  • Product-level security must be enabled to enforce your choices for product authority and command authority.

  • The product authority function does not apply to the security officer user profile (QSECOFR). As long as valid license keys exist, the QSECOFR user profile can perform all functions. This allows the security officer to access a product when all other user profiles are excluded from access.
    Note: If the product-level security for the QSECOFR user profile is not explicitly set in version 10.0.13.00 or higher, then it is automatically set to *ADM during installation or upgrade. Additionally, you cannot revoke all authority levels from QSECOFR, but you can change the level that QSECOFR has by using GRTPRDAUT.
  • Commands that are not listed are not protected by product authority and cannot be modified with command authority.

  • All users with *ADM authority to a product in a library have access to the grant and revoke authority commands (GRTPRDAUT and RVKPRDAUT) for that instance of the product. These users have the ability to grant and revoke authority to that product even though they do not have *MGT authority to License Manager.

  • The Assure Unified Interface uses the shipped authority level to control actions available to users when product-level security is enabled.

Authority levels for commands in MIMIX products are identified in the Assure MIMIX Administrator Reference book.

Table 1. License Manager commands and menu interfaces, showing their shipped mini­mum authority level settings when the provided security functions are used.

License Manager Commands and Menu Interfaces

Minimum Authority Level

  *ADM *MGT *OPR *DSP

ABOUT

 

 

 

X

ADDDIRVSIP

X

 

 

 

APYLICKEY

X

 

 

 

CHGCMDAUT

X

 

 

 

CHGLICKEY

X

 

 

 

CHGLMMSG

 

X

 

 

CHGMMXAMa

 

X

 

 

CHGMMXPRFd

 

X

 

 

CHGPRDLIBd

 

 

 

X

CHGPRDSEC

X

 

 

 

CPYTOECS

 

 

X

 

CRTMMXAMa

 

X

 

 

CVTLKVSTMF

 

X

 

 

DLTMMXAMa

 

X

 

 

DLTPRD    

 

X

 

 

DSPCMDAUT

 

 

 

X

DSPPRDAUT

 

 

 

X

DSPSYSINF

 

 

 

X

ENDMMXAMa

 

 

X

 

FORMBRd

 

 

X

 

FOROBJ d

 

 

X

 

GRTPRDAUT

 

X

 

 

INSMMX

 

X

 

 

INSPRD

 

X

 

 

LICMGR    

 

 

 

X

LODLKVFIX

 

X

 

 

PRDMGT

 

 

 

X

RMVDIRVSIP

X

 

 

 

RMVLICKEY

X

 

 

 

RTVMMXAMa

 

 

 

X

RVKPRDAUT

 

X

 

 

SAVCFGDTA

 

X

 

 

STRMMXAMa

 

 

X

 

UPDINSPRD

 

X

 

 

UPDLICKEY

X

 

 

 

WRKLICKEYb 

 

 

 

X

WRKPRDc

 

 

 

X

a: MIMIX Availability Manager commands are included for backward compatibility only. MIMIX Availability Manager can only be started on systems that were at version 6 service pack 6.0.11.00 or higher before version 7.0 of License Manager was installed.

b:This command is available when License Manager version 9.0.30.00 is installed.

c:If you change authority to the WRKPRD command using the Change Command Authority (CHGC­MDAUT) command, you need to specify WRKPRD2 as the value of the Command (CMD) parameter.

d:Product-level security is removed for the command as part of the 10.0.13.00 version.