ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamp_5.4.0.1/rzampsecurity.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="Security limits" />
<meta name="abstract" content="This topic contains the values for the system limits that are related to security, such as limits on the length of passwords and the number of user profiles on a system." />
<meta name="description" content="This topic contains the values for the system limits that are related to security, such as limits on the length of passwords and the number of user profiles on a system." />
<meta name="DC.Relation" scheme="URI" content="rzampoverview.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2003, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2003, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzampsecurity" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Security limits</title>
</head>
<body id="rzampsecurity"><a name="rzampsecurity"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Security limits</h1>
<div><p>This topic contains the values for the system limits that are related
to security, such as limits on the length of passwords and the number of user
profiles on a system.</p>
<div class="section"><div class="p"> 
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 1. Security limits</caption><thead align="left"><tr><th valign="top" width="50%" id="d0e23">Security limits</th>
<th valign="top" width="50%" id="d0e25">Value</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="50%" headers="d0e23 ">Maximum number of entries for a user profile<sup>1, 2, 3</sup></td>
<td valign="top" width="50%" headers="d0e25 ">10 000 000</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e23 ">Maximum number of objects that can be secured by an authorization list</td>
<td valign="top" width="50%" headers="d0e25 ">2 097 070</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e23 ">Maximum number of private authorities to an authorization list<sup>4</sup></td>
<td valign="top" width="50%" headers="d0e25 ">9 999 999</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e23 ">Maximum number of entries in a validation list</td>
<td valign="top" width="50%" headers="d0e25 ">2 147 483</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e23 ">Maximum number of user profiles on a system</td>
<td valign="top" width="50%" headers="d0e25 ">Approximately 340 000</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e23 ">Maximum length of a password</td>
<td valign="top" width="50%" headers="d0e25 ">128</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e23 ">Maximum number of profile handles in a job</td>
<td valign="top" width="50%" headers="d0e25 ">Approximately 20 000</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e23 ">Maximum number of profile tokens on the system</td>
<td valign="top" width="50%" headers="d0e25 ">Approximately 2 000 000</td>
</tr>
<tr><td valign="top" width="50%" headers="d0e23 ">Maximum amount of storage in the system and basic user
ASPs, or in each Independent ASP, for permanent objects owned by a single
user profile</td>
<td valign="top" width="50%" headers="d0e25 ">8 terabytes</td>
</tr>
<tr><td colspan="2" valign="top" headers="d0e23 d0e25 "><strong>Notes<sup>®</sup>:</strong>  <ol><li>A user profile contains four categories of entries: 1) every object owned
by the profile, 2) every private authority the profile has to other objects,
3) every private authority to objects owned by this profile that other profiles
have, and 4) every object for which this profile is the primary group. The
sum of these categories equals the total number of entries for the profile.</li>
<li>The operating system maintains internal user profiles that own objects
that are shared or cannot be assigned to a single individual user (for example,
QDBSHR owns shared database objects such as database formats, access paths,
and so on). These internal user profiles are subject to the same limits as
any other user profile on the system.</li>
<li>Using authorization lists or group profiles reduces the number of private
authorities and helps avoid this limit (see the <a href="../rzahg/rzahgicsecurity.htm">Security</a> topic in the Information Center).</li>
<li>Limit is due to the maximum number of entries allowed for the user profile
that owns the authorization list (one less because a category 01 entry is
used for the ownership of the authorization list).</li>
</ol>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzampoverview.htm" title="If you exceed system limitations you can experience an application outage or a system outage. Avoid these types of outages by being aware of the maximum capacities and system limitations in advance.">Maximum capacities</a></div>
</div>
</div>
</body>
</html>