Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
The first query identifies those users who are lacking authority to use their own *USRPRF. This lack of authority can cause annoying failures in software products. The other queries are used to review whether the *USRPRF ownership implementation matches the strategy.
--
-- description: Which users lack basic authority to their own user profile?
--
select *
from qsys2.object_privileges
where object_type = '*USRPRF'
and object_name = authorization_name
and (object_operational <> 'YES'
or object_management <> 'YES'
or data_read <> 'YES'
or data_add <> 'YES'
or data_update <> 'YES'
or data_delete <> 'YES'
or data_execute <> 'YES');
--
-- description: Review of *USRPRF ownership (summary)
--
select USER_OWNER, COUNT(*) as OWNERSHIP_COUNT
from qsys2.user_info
group by user_owner
order by 2 desc;
--
-- description: Review of *USRPRF ownership (detail)
--
select USER_OWNER, USER_NAME, u.*
from qsys2.user_info u
where user_owner not in ('QSYS', 'QSECOFR')
order by 1,2 desc;
@arlenstovall

This comment has been minimized.

Copy link

commented Jul 9, 2019

Thanks Scott

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.