148 lines
8.5 KiB
HTML
148 lines
8.5 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
|||
|
<!DOCTYPE html
|
|||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|||
|
<html lang="en-us" xml:lang="en-us">
|
|||
|
<head>
|
|||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|||
|
<meta name="security" content="public" />
|
|||
|
<meta name="Robots" content="index,follow" />
|
|||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|||
|
<meta name="DC.Type" content="concept" />
|
|||
|
<meta name="DC.Title" content="Restore objects" />
|
|||
|
<meta name="abstract" content="When you restore an object to the system, the system uses the authority information stored with the object." />
|
|||
|
<meta name="description" content="When you restore an object to the system, the system uses the authority information stored with the object." />
|
|||
|
<meta name="DC.Relation" scheme="URI" content="rzamvrestoresecinfo.htm" />
|
|||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
<meta name="DC.Format" content="XHTML" />
|
|||
|
<meta name="DC.Identifier" content="restoreobj" />
|
|||
|
<meta name="DC.Language" content="en-us" />
|
|||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|||
|
<!-- US Government Users Restricted Rights -->
|
|||
|
<!-- Use, duplication or disclosure restricted by -->
|
|||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|||
|
<title>Restore objects</title>
|
|||
|
</head>
|
|||
|
<body id="restoreobj"><a name="restoreobj"><!-- --></a>
|
|||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|||
|
<h1 class="topictitle1">Restore objects</h1>
|
|||
|
<div><p>When you restore an object to the system, the system uses the authority
|
|||
|
information stored with the object.</p>
|
|||
|
<p>The following applies to security of the restored object: </p>
|
|||
|
<div class="p">Object ownership: <ul><li>If the profile that owns the object is on the system, ownership is restored
|
|||
|
to that profile.</li>
|
|||
|
<li>If the owner profile does not exist on the system, ownership of the object
|
|||
|
is given to the QDFTOWN (default owner) user profile.</li>
|
|||
|
<li>If the object exists on the system and the owner on the system is different
|
|||
|
from the owner on the save media, the object is not restored unless ALWOBJDIF(*ALL)
|
|||
|
is specified. In that case, the object is restored and the owner on the system
|
|||
|
is used.</li>
|
|||
|
</ul>
|
|||
|
</div>
|
|||
|
<p>Primary group: </p>
|
|||
|
<div class="p">For an object that does not exist on the system: <ul><li>If the profile that is the primary group for the object is on the system,
|
|||
|
the primary group value and authority are restored for the object.</li>
|
|||
|
<li>If the profile that is the primary group does not exist on the system:<ul><li>The primary group for the object is set to none.</li>
|
|||
|
<li>The primary group authority is set to no authority.</li>
|
|||
|
</ul>
|
|||
|
</li>
|
|||
|
</ul>
|
|||
|
When an existing object is restored, the primary group for the object
|
|||
|
is not changed by the restore operation.</div>
|
|||
|
<div class="p">Public authority:<ul><li>If the object being restored does not exist on the system, public authority
|
|||
|
is set to the public authority of the saved object.</li>
|
|||
|
<li>If the object being restored does exist and is being replaced, public
|
|||
|
authority is not changed. The public authority from the saved version of the
|
|||
|
object is not used.</li>
|
|||
|
<li>The CRTAUT for the library is not used when restoring objects to the library.</li>
|
|||
|
</ul>
|
|||
|
</div>
|
|||
|
<div class="p">Authorization list: <ul><li>If an object, other than a document or folder, already exists on the system
|
|||
|
and is linked to an authorization list, the ALWOBJDIF parameter determines
|
|||
|
the result: <ul><li>If ALWOBJDIF(*NONE) is specified, the existing object must have the same
|
|||
|
authorization list as the saved object. If not, the object is not restored.
|
|||
|
– </li>
|
|||
|
<li>If ALWOBJDIF(*ALL) is specified, the object is restored. The object is
|
|||
|
linked to the authorization list associated with the existing object.</li>
|
|||
|
</ul>
|
|||
|
</li>
|
|||
|
<li>If a document or folder that already exists on the system is restored,
|
|||
|
the authorization list associated with the object on the system is used. The
|
|||
|
authorization list from the saved document or folder is not used. </li>
|
|||
|
<li>If the authorization list does not exist on the system, the object is
|
|||
|
restored without being linked to an authorization list and the public authority
|
|||
|
is changed to *EXCLUDE. </li>
|
|||
|
<li> If the object is being restored on the same system from which it was
|
|||
|
saved, the object is linked to the authorization list again. </li>
|
|||
|
<li>If the object is being restored on a different system, the ALWOBJDIF parameter
|
|||
|
on the restore command is used to determine whether the object is linked to
|
|||
|
the authorization list: <ul><li>If ALWOBJDIF(*ALL) is specified, the object is linked to the authorization
|
|||
|
list. </li>
|
|||
|
<li>If ALWOBJDIF(*NONE) is specified, then the object is not linked to the
|
|||
|
authorization list and the public authority of the object is changed to *EXCLUDE.</li>
|
|||
|
</ul>
|
|||
|
</li>
|
|||
|
</ul>
|
|||
|
</div>
|
|||
|
<div class="p">Private authorities: <ul><li>Private authority is saved with user profiles, not with objects.</li>
|
|||
|
<li>If user profiles have private authority to an object being restored, those
|
|||
|
private authorities are usually not affected. Restoring certain types of programs
|
|||
|
may result in private authorities being revoked. </li>
|
|||
|
<li>If an object is deleted from the system and then restored from a saved
|
|||
|
version, private authority for the object no longer exists on the system.
|
|||
|
When an object is deleted, all private authority to the object is removed
|
|||
|
from user profiles.</li>
|
|||
|
<li>If private authorities need to be recovered, the Restore Authority (RSTAUT)
|
|||
|
command must be used. The normal sequence is:<ol><li>Restore user profiles</li>
|
|||
|
<li>Restore objects </li>
|
|||
|
<li>Restore authority</li>
|
|||
|
</ol>
|
|||
|
</li>
|
|||
|
</ul>
|
|||
|
</div>
|
|||
|
<div class="p">Object Auditing: <ul><li>If the object being restored does not exist on the system, the object
|
|||
|
auditing (OBJAUD) value of the saved object is restored.</li>
|
|||
|
<li>If the object being restored does exist and is being replaced, the object
|
|||
|
auditing value is not changed. The OBJAUD value of the saved version of the
|
|||
|
object is not restored. </li>
|
|||
|
<li>If a library being restored does not exist on the system, the create object
|
|||
|
auditing (CRTOBJAUD) value for the library is restored. </li>
|
|||
|
<li> If a library being restored exists and is being replaced, the CRTOBJAUD
|
|||
|
value for the library is not restored. The CRTOBJAUD value for the existing
|
|||
|
library is used.</li>
|
|||
|
</ul>
|
|||
|
</div>
|
|||
|
<div class="p">Authority Holder: <ul><li>If a file is restored and an authority holder exists for that file name
|
|||
|
and the library to which it is being restored, the file is linked to the authority
|
|||
|
holder. </li>
|
|||
|
<li>The authority information associated with the authority holder replaces
|
|||
|
the public authority and owner information saved with the file. </li>
|
|||
|
</ul>
|
|||
|
</div>
|
|||
|
<p>Domain Objects: For systems running Version 2 Release 3 or later of the
|
|||
|
OS/400 licensed program, the system restricts user domain objects
|
|||
|
(*USRSPC, *USRIDX, and *USRQ) to the libraries specified in the QALWUSRDMN
|
|||
|
system value. If a library is removed from the QALWUSRDMN system value after
|
|||
|
a user domain object of type *USRSPC, *USRIDX, or *USRQ is saved, the system
|
|||
|
changes the object to system domain when it is restored.</p>
|
|||
|
<p>Function Registration Information: The function registration information
|
|||
|
can be restored by restoring the QUSEXRGOBJ *EXITRG object into QUSRSYS. This
|
|||
|
restores all of the registered functions. The usage information associated
|
|||
|
with the functions is restored when user profiles and authorities are restored.</p>
|
|||
|
<p>Applications that Use Certificates Registration: The applications that
|
|||
|
use certificates registration information can be restored by restoring the
|
|||
|
QUSEXRGOBJ *EXITRG object into QUSRSYS. This restores all of the registered
|
|||
|
applications. The association of the application to its certificate information
|
|||
|
can be restored by restoring the QYCDCERTI *USRIDX object into QUSRSYS.</p>
|
|||
|
<p>Refer to <a href="rzamvrestoreauth.htm#restoreauth">Restore authority</a> for
|
|||
|
more information.</p>
|
|||
|
</div>
|
|||
|
<div>
|
|||
|
<div class="familylinks">
|
|||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvrestoresecinfo.htm" title="Recovering your system often requires restoring data and associated security information.">Restore security information</a></div>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
</body>
|
|||
|
</html>
|