This topic describes special authorities that can be specified
for a user.
The system security level determines what the default special authorities
are for each user class. When you create a user profile, you can select special
authorities based on the user class. Special authorities are also added and
removed from user profiles when you change security levels.
You can specify these special authorities for a user:
- *ALLOBJ
- All-object special authority allows a user authority to perform all operations
on objects.
- *AUDIT
- Audit special authority allows a user to define the auditing characteristics
of the system, objects, and system users.
- *IOSYSCFG
- System configuration special authority allows a user to configure communication, and input and output devices
on the system.
- *JOBCTL
- Job control special authority allows a user to control batch jobs and
printing on the system.
- *SAVSYS
- Save system special authority allows a user to save and restore objects.
- *SECADM
- Security administrator special authority allows a user to work with user
profiles on the system.
- *SERVICE
- Service special authority allows a user to perform software service functions
on the system.
- *SPLCTL
- Spool control special authority allows unrestricted control of batch jobs
and output queues on the system.
For more information on special authorities, see "Using System Security
(QSecurity) System Value" in the iSeries™ Security Reference.