General security system values
This topic introduces the general system values that you can use to control security on your IBM® i operating system.
Overview:
General security system values allow you to set security function to support the decisions you made when developing your security policy. For example, in your security policy you state that systems containing confidential information, such as customer accounts or payroll inventories, need a stricter level of security than systems used for testing applications that are developed within your company. You can then plan and set a security level on these systems that corresponds with the decisions you made while developing your security policy.
- Purpose:
- Specify system values that control security on the system.
- How To:
WRKSYSVAL *SEC(Work with System Values command)- Authority:
- *ALLOBJ and *SECADM
- Journal Entry:
- SV
- Note:
- Changes take effect immediately. IPL is required only when changing the security level (QSECURITY system value) or password level (QPWDLVL system value).
General system values that control security on your system are as follows:
- QALWUSRDMN
- Allow user domain objects in the libraries
- QCRTAUT
- Create default public authority
- QDSPSGNINF
- Display sign-on information
- QFRCCVNRST
- Force conversion on restore
- QINACTITV
- Inactive job time-out interval
- QINACTMSGQ
- Inactive job message queue
- QLMTDEVSSN
- Limit device sessions
- QLMTSECOFR
- Limit security officer
- QMAXSIGN
- Maximum sign-on attempts
- QMAXSGNACN
- Action when maximum sign-on attempts exceeded
- QRETSVRSEC
- Retain Server Security
- QRMTSIGN
- Remote sign-on requests
- QSCANFS
- Scan file systems
- QSCANFSCTL
- Scan file systems control
- QSECURITY
- Security level
- QSHRMEMCTL
- Shared memory control
- QUSEADPAUT
- Use Adopted Authority
- QVFYOBJRST
- Verify object on restore