Manage security for logical partitions

Understand who has authority to perform logical partition tasks and how to restrict access to the system.

Most security related tasks you perform on a partitioned system are the same as on a system without logical partitions. However, when you create logical partitions, you work with more than one independent system. Therefore you will have to perform the same tasks on each logical partition instead of just once on a system without logical partitions.

Here are some basic rules to remember when dealing with security on logical partitions:

• You must first configure the service tools server in order to access the iSeries™ Navigator logical partition functions. For more information on the service tools server, refer to Configure the service tools server .
• Users performing logical partition operation or administration authority will require a Service Tool user profile in the primary partition.
• You add users to the system one logical partition at a time. You need to add your users to each logical partition you want them to access.
• Partitions cannot see or use memory and disk units of another logical partition.
• Partitions can only see their own hardware resources.
• The iSeries Navigator logical partition function can see all system hardware resources in the Configure Partitions window by selecting All hardware when used from the primary partition. When used from secondary partitions, only the resources assigned to the partition are viewable. In either partition, users require logical partition operation or administration authority to view information.
• The system control panel controls the primary partition. The remote control panel controls all partitions on the server. When any partition is set to secure, no actions can be performed from either the system panel, the remote control panel, or the Work with Partitions Status display from SST. To force DST from the system control panel or the remote control panel, you must change the mode to Manual.
  • You can use the remote control panel to power on and power off the partition.
  • You can use the remote control panel to set the secondary partition mode from secure to any other value.

  Once a secondary partition's mode is no longer secure, you can use the remote control panel to change the partition status.

For more information on security on your iSeries server, refer to iSeries Security-Reference and Plan and set up system security for additional information on security.