79 lines
5.4 KiB
HTML
79 lines
5.4 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="User profiles" />
|
||
|
<meta name="abstract" content="Every system user must have a user identity before they can sign on to and use a system. This user identity is called a user profile." />
|
||
|
<meta name="description" content="Every system user must have a user identity before they can sign on to and use a system. This user identity is called a user profile." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzamvconcepts.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzamvplanuserprof.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzamvchangeuserprof.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzamvenabledisableduserprof.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="userprof" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>User profiles</title>
|
||
|
</head>
|
||
|
<body id="userprof"><a name="userprof"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">User profiles</h1>
|
||
|
<div><p>Every system user must have a user identity before they can sign
|
||
|
on to and use a system. This user identity is called a <dfn class="term">user profile</dfn>.</p>
|
||
|
<p> A user identity is a string of characters that uniquely identifies
|
||
|
a user to a system. Only an administrator with appropriate system authority
|
||
|
can create a user profile for a user.</p>
|
||
|
<p>A user profile controls what the user can do and customizes the way the
|
||
|
system appears to the user. A user profile contains the information that i5/OS™ requires
|
||
|
to allow users to sign on to a system, to access their own customized session,
|
||
|
including their own message and output queue, and to access functions and
|
||
|
objects to which they have been granted authority. Designing user profiles
|
||
|
well can help you protect your system and customize it for your users. Every
|
||
|
system user must have a user profile and a system administrator must create
|
||
|
the user profile for the user.</p>
|
||
|
<div class="p">There are a number of parameters that an administrator can define for a
|
||
|
user profile, including a number of security related attributes. Following
|
||
|
are descriptions of a few important security attributes of the user profile: <ul><li><strong>Special authority:</strong> Special authorities determine whether the user
|
||
|
is allowed to perform system functions, such as creating user profiles or
|
||
|
changing the jobs of other users.</li>
|
||
|
<li><strong>Initial menu and initial program:</strong> The initial menu and program
|
||
|
determine what the user sees after signing on the system. You can limit a
|
||
|
user to a specific set of tasks by restricting the user to an initial menu.</li>
|
||
|
<li><strong>Limit capabilities:</strong> The limit capabilities field in the user profile
|
||
|
determines whether the user can enter commands and change the initial menu
|
||
|
or initial program when signing on.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
<p>You can include a user profile in <a href="rzamvgroupprof.htm#groupprof">group
|
||
|
profiles</a>. In this way, all group members share access to specific objects
|
||
|
and share ownership of objects. Group profiles can simplify many
|
||
|
user administration tasks by allowing you to apply a single change to many
|
||
|
users.</p>
|
||
|
<p>For more information on user profiles, see <span class="q">"Chapter 4. User
|
||
|
Profiles"</span> in the <cite>iSeries™ Security Reference</cite>.</p>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvconcepts.htm" title="To effectively create a security policy and plan security measures for your system, you need to understand the following security concepts, some of which are general concepts and some of which are specific to the hardware type.">Concepts</a></div>
|
||
|
</div>
|
||
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
||
|
<div><a href="rzamvplanuserprof.htm" title="This topic describes the purpose of user profiles and how to design them.">Plan user profiles</a></div>
|
||
|
<div><a href="rzamvchangeuserprof.htm" title="This topic describes how to change a user profile, and provides step-by-step instructions.">Change a user profile</a></div>
|
||
|
<div><a href="rzamvenabledisableduserprof.htm" title="This topic describes how to enable a disabled user profile, explains why it is important, and provides step-by-step instructions.">Enable a disabled user profile</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|