ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamv_5.4.0.1/rzamvresappadmin.htm

50 lines
6.0 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Application administration" />
<meta name="abstract" content="Application Administration is an optional component of iSeries Navigator, the graphical user interface (GUI) for the iSeries server." />
<meta name="description" content="Application Administration is an optional component of iSeries Navigator, the graphical user interface (GUI) for the iSeries server." />
<meta name="DC.Relation" scheme="URI" content="rzamvsecstation.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="resappadmin" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Application administration</title>
</head>
<body id="resappadmin"><a name="resappadmin"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Application administration</h1>
<div><p>Application Administration is an optional component of iSeries™ Navigator, the graphical user interface (GUI) for the iSeries server.</p>
<p> Application Administration allows system administrators to control the functions or applications available to users and groups on a specific server. This includes controlling the functions available to users that access their server through clients. It is important to note here, that if you access the server from a Windows<sup>®</sup> client, the iSeries server user and not the Windows user determines which functions are available for administration.</p>
<p>For complete documentation on iSeries Navigator Application Administration, refer to <a href="../rzaj3/rzaj3overview.htm" target="_blank">Application Administration</a>.</p>
<div class="section"><h4 class="sectiontitle">Policy administration</h4><div class="p">Policies are a tool for administrators to use as they configure software on their client PCs. Policies can restrict which functions and applications a user has access to on the PC. Policies can also suggest or mandate configurations to be used by certain users or certain PCs.<div class="note"><span class="notetitle">Note:</span> Polices do not offer control over server resources. Policies are not a substitute for server security. Policies can be used to affect how iSeries Access is able to access the server from a particular PC, by a particular user. However, they do not change how server resources can be accessed via other mechanisms.</div>
Policies are stored on a file server. Each time the user signs on to their Windows workstation, the policies that apply to that Windows user are downloaded from the file server. The policies are applied to the registry before the user does anything on the workstation.</div>
<p><strong>Microsoft<sup>®</sup> policies versus application administration:</strong></p>
<p>iSeries Access Express supports two different strategies for implementing administrative control within your network: Microsoft system policies and iSeries Navigator Application Administration. Consider the following when deciding which strategy is best suited for your needs.</p>
<p><em>Microsoft system policies</em>:</p>
<p>Policies are PC driven, not dependent upon specific OS/400<sup>®</sup> releases. Policies can apply to PCs as well as Windows users. This means that users refer to the Windows user profile, not the server user profile. Policies can be used to configure as well as to restrict. Policies typically will offer more granularity than Application Administration and can offer a larger breadth of function. This is because a connection to the server is not needed to determine whether the user can use the function or not. Implementing policies is more complicated than implementing Application Administration because the use of the Microsoft system policy editor is required and PCs must be individually configured to download policies.</p>
<p><em>iSeries Navigator application administration</em>:</p>
<p>Application Administration associates data with the user profile, instead of the Windows profile that Microsoft system policies associate with. Application Administration uses the graphical user interface of iSeries Navigator to administer, which is much easier to use than policy editor. Application Administration info applies to the user regardless of which PC he signs on from. Particular functions within iSeries Navigator can be restricted. Application Administration is preferable if all of the functions you want to restrict are Application Administration-enabled, and if the version of OS/400 being used supports Application Administration.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvsecstation.htm" title="After you secure printer output, you should secure your workstations. You authorize workstations just like you authorize other objects on the system. Use the EDTOBJAUT command to give users authority to workstations.">Secure your workstations</a></div>
</div>
</div>
</body>
</html>