friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/admin/qshsetauth.htm

85 lines
5.1 KiB
HTML
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Set explicit authorities for the startServer and stopServer scripts</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h4><a name="qshsetauth"></a>Set explicit authorities for the startServer and stopServer scripts</h4>
<p>You can set explicit authorities to allow a user profile to start and stop application servers even if the profile does not have *ALLOBJ authority. When you set these authorities for a user profile, that user profile can also use the HTTP Administration forms to start and stop application servers.</p>
<p><strong>Note:</strong> In the steps below, <em>userid</em> is the user profile for which you want to set the authorities.</p>
<p><strong>Set authorities for the startServer script</strong></p>
<p>To set explicit authorities for the startServer script, follow these steps:</p>
<ol>
<li><p>Run these commands on an CL command line:</p>
<ol type="a">
<li><pre>CHGAUT OBJ('/QIBM/ProdData/WebASE/ASE5/bin/startServer') USER(<em>USERID</em>) DTAAUT(*RX)</pre></li>
<li><pre>CHGUSRPRF USRPRF(<em>userid</em>) SPCAUT(*JOBCTL)</pre></li>
<li><pre>GRTOBJAUT OBJ(QASE5/STRSVRWAIT) OBJTYPE(*PGM) USER(<em>USERID</em>) AUT(*USE)</pre></li>
<li><pre>GRTOBJAUT OBJ(QASE5/QASE5) OBJTYPE(*JOBD) USER(<em>USERID</em>) AUT(*USE)</pre></li>
<li><pre>GRTOBJAUT OBJ(QASE5/QASE5) OBJTYPE(*JOBQ) USER(<em>USERID</em>) AUT(*USE)</pre></li>
<li><pre>GRTOBJAUT OBJ(QSYS/QEJBSVR) OBJTYPE(*USRPRF) USER(<em>USERID</em>) AUT(*USE)</pre></li>
<li><p>If QEJBSVR is not authorized to the output queue of the <em>userid</em> user profile, you must grant QEJBSVR *USE authority to the output queue:</p>
<pre>GRTOBJAUT OBJ(<em>outqlib</em>/<em>outqname</em>) OBJTYPE(*OUTQ) USER(QEJBSVR) AUT(*USE)</pre>
<p>If you do not want to grant explicit authority to the user's output queue, create an output queue to which QEJBSVR is authorized and use the SBMJOB CL command to start the server. Specify the appropriate value for the OUTQ parameter on the SBMJOB command.</p></li>
</ol><p></p></li>
<li><p>Run the Start Qshell (STRQSH) command from the CL command line.</p></li>
<li><p>In Qshell, run these commands:</p>
<ol type="a">
<li><pre>/QIBM/ProdData/WebASE/ASE5/bin/grtwasaut -instance <em>instance</em> -user <em>userid</em>
-dtaaut rx</pre></li>
<li><pre>/QIBM/ProdData/WebASE/ASE5/bin/grtwasaut -instance <em>instance</em> -user <em>userid</em>
-dtaaut rx -object bin -recursive</pre></li>
</ol></li>
</ol>
<p>After you perform these steps, the user profile can start the server from Qshell with either of these commands:</p>
<ul>
<li><pre>/QIBM/ProdData/WebASE/ASE5/bin/startServer -instance <em>instance</em> -nowait</pre>
<p>This command starts the default server (<em>instance</em>) for instance <em>instance</em>.</p></li>
<li><pre>SBMJOB CMD(CALL PGM(QEJBAS5/QASESTRSVR) PARM('-instance'
'/QIBM/UserData/WebASE/ASE5/<em>instance</em>' '-server' '<em>server</em>')) JOB(<em>server</em>)
JOBD(QASE5/QASE5) JOBQ(QASE5/QASE5) USER(QEJBSVR) LANGID(*USRPRF)
CNTRYID(*USRPRF) CCSID(*USRPRF)</pre>
<p>where <em>instance</em> is the name of the instance and servername is the name of the server.</p>
<p>This command starts the default server (<em>instance</em>) for instance <em>instance</em>.</p></li>
</ul>
<p><strong>Note:</strong> The givedescriptor API used by The STRSVRWAIT program uses the givedescriptor API. This API requires *ALLOBJ in certain situations. As a result, if your user profile does not have *ALLOBJ authority, you must include the <nobr>-nowait</nobr> parameter when you run the startServer script.</p>
<p><strong>Set authorities for the stopServer script</strong></p>
<p>To set explicit authorities for the stopServer script, follow these steps:</p>
<ol>
<li><p>On an CL command line, run this command:</p>
<pre>CHGAUT OBJ('/QIBM/ProdData/WebASE/ASE5/bin/stopServer') USER(<em>USERID</em>) DTAAUT(*RX)</pre></li>
<li><p>Run the Start Qshell (STRQSH) command from the CL command line.</p></li>
<li><p>In Qshell, run these commands:</p>
<ol type="a">
<li><pre>/QIBM/ProdData/WebASE/ASE5/bin/grtwasaut -instance <em>instance</em> -user <em>userid</em>
-dtaaut rx</pre></li>
<li><pre>/QIBM/ProdData/WebASE/ASE5/bin/grtwasaut -instance <em>instance</em> -user <em>userid</em>
-dtaaut rx -object bin -recursive</pre></li>
<li><pre>/QIBM/ProdData/WebASE/ASE5/bin/grtwasaut -instance <em>instance</em> -user <em>userid</em>
-dtaaut rx -object properties</pre></li>
<li><pre>/QIBM/ProdData/WebASE/ASE5/bin/grtwasaut -instance <em>instance</em> -user <em>userid</em>
-dtaaut rx -object properties/java.security</pre></li>
</ol><p></p></li>
</ol>
<p>After you perform these steps, the user profile can run this command from Qshell to stop the server:</p>
<pre>/QIBM/ProdData/WebASE/ASE5/bin/stopServer -instance <em>instance</em></pre>
<p>This command stops the default server (<em>instance</em>) for instance <em>instance</em>.</p>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink