93 lines
6.5 KiB
HTML
93 lines
6.5 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Manage security for logical partitions" />
|
|
<meta name="abstract" content="Understand who has authority to perform logical partition tasks and how to restrict access to the system." />
|
|
<meta name="description" content="Understand who has authority to perform logical partition tasks and how to restrict access to the system." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaitmanagelparoverview.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaitauthority.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaitsrclist.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaitsrclist.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaitsrclist.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaitsrclist.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaitsrclist.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaitsecurity.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzaitsecurepar" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Manage security for logical partitions</title>
|
|
</head>
|
|
<body id="rzaitsecurepar"><a name="rzaitsecurepar"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Manage security for logical partitions</h1>
|
|
<div><p>Understand who has authority to perform logical partition tasks
|
|
and how to restrict access to the system.</p>
|
|
<p>Most security related tasks you perform on a partitioned system are the
|
|
same as on a system without logical partitions. However, when you create logical
|
|
partitions, you work with more than one independent system. Therefore you
|
|
will have to perform the same tasks on each logical partition instead of just
|
|
once on a system without logical partitions.</p>
|
|
<p>Here are some basic rules to remember when dealing with security on logical
|
|
partitions:</p>
|
|
<ul><li>You must first configure the service tools server in order to access the iSeries™ Navigator
|
|
logical partition functions. For more information on the service tools server,
|
|
refer to <a href="../rzamh/rzamhsrvtoolsrvr.htm" target="_blank">Configure
|
|
the service tools server</a> .</li>
|
|
<li>Users performing logical partition operation or administration authority
|
|
will require a Service Tool user profile in the primary partition. </li>
|
|
<li>You add users to the system one logical partition at a time. You need
|
|
to add your users to each logical partition you want them to access.</li>
|
|
<li>Partitions cannot see or use memory and disk units of another logical
|
|
partition.</li>
|
|
<li>Partitions can only see their own hardware resources.</li>
|
|
<li>The iSeries Navigator
|
|
logical partition function can see all system hardware resources in the Configure
|
|
Partitions window by selecting All hardware when used from the primary partition.
|
|
When used from secondary partitions, only the resources assigned to the partition
|
|
are viewable. In either partition, users require logical partition operation
|
|
or administration authority to view information.</li>
|
|
<li>The system control panel controls the primary partition. The remote control
|
|
panel controls all partitions on the server. When any partition is set to
|
|
secure, no actions can be performed from either the system panel, the remote
|
|
control panel, or the Work with Partitions Status display from SST. To force
|
|
DST from the system control panel or the remote control panel, you must change
|
|
the mode to Manual. <ul><li>You can use the remote control panel to power on and power off the partition.</li>
|
|
<li>You can use the remote control panel to set the secondary partition mode
|
|
from secure to any other value.</li>
|
|
</ul>
|
|
<p>Once a secondary partition's mode is no longer secure, you can use
|
|
the remote control panel to change the partition status.</p>
|
|
</li>
|
|
</ul>
|
|
<p>For more information on security on your iSeries server, refer to <a href="../books/sc415302.pdf" target="_blank">iSeries Security-Reference</a> <img src="wbpdf.gif" alt="Link to PDF" /> and <a href="../rzamv/rzamvplansec.htm">Plan and set up system security</a> for additional information
|
|
on security.</p>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaitmanagelparoverview.htm" title="Find all the information you need to manage your logical partitions. Access your logical partition information, and find instructions on restarting and powering down individual logical partitions. Also, use the information to change your logical partition configuration, manage security, and change processing resources.">Manage logical partitions</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="rzaitsrclist.htm" title="Find a list that contains the common SRCs that the PAL can report.">System reference codes (SRCs) for logical partitions</a></div>
|
|
<div><a href="rzaitsecurity.htm" title="Secondary partitions act as independent servers on your iSeries.">Enforce security in secondary partitions</a></div>
|
|
</div>
|
|
<div class="reltasks"><strong>Related tasks</strong><br />
|
|
<div><a href="rzaitauthority.htm" title="The authorities that you grant to service tool users determines what logical partition information they can access and what tasks they can perform. Care should be exercised in assigning service tool user profile privileges to manage partition security.">Logical partition authority</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |