Examples: Output queue
These examples demonstrate how to set security parameters for output queues to meet different requirements.
- Create a general-purpose output queue. All users are allowed to display
all spooled files. The system operators are allowed to manage the queue and
change spooled files:
CRTOUTQ OUTQ(QGPL/GPOUTQ) DSPDTA(*YES) + OPRCTL(*YES) AUTCHK(*OWNER) AUT(*USE)
- Create an output queue for an application. Only members of the group profile
GRPA are allowed to use the output queue. All authorized users of the output
queue are allowed to display all spooled files. System operators are not allowed
to work with the output queue:
CRTOUTQ OUTQ(ARLIB/AROUTQ) DSPDTA(*YES) + OPRCTL(*NO) AUTCHK(*OWNER) AUT(*EXCLUDE) GRTOBJAUT OBJ(ARLIB/AROUTQ) OBJTYP(*OUTQ) + USER(GRPA) AUT(*CHANGE)
- Create a confidential output queue for the security officers to use when
printing information about user profiles and authorities. The output queue
is created and owned by the QSECOFR profile.
CRTOUTQ OUTQ(QGPL/SECOUTQ) DSPDTA(*OWNER) + AUTCHK(*DTAAUT) OPRCTL(*NO) + AUT(*EXCLUDE)
Even if the security officers on a system have *ALLOBJ special authority, they are not able to access spooled files owned by others on the SECOUTQ output queue.
- Create an output queue that is shared by users printing confidential files
and documents. Users can work with only their own spooled files. System operators
can work with the spooled files, but they cannot display the contents of the
CRTOUTQ OUTQ(QGPL/CFOUTQ) DSPDTA(*OWNER) + AUTCHK(*OWNER) OPRCTL(*YES) AUT(*USE)