IBM Support

Tracking Authority Changes on IBM i

How To


Summary

This guide explains how to monitor changes to object authorities on IBM i systems using the SYSTOOLS.AUDIT_JOURNAL_CA table function. This function extracts audit journal entries of type CA (Change Authority), which are generated whenever object permissions are modified for both library and IFS objects.
By using this function, organizations can enhance security and governance by tracking who changed authorities and when. It supports key use cases such as maintaining audit trails, ensuring compliance, investigating potential security incidents, and monitoring user or group access changes.

Objective

This guide demonstrates how to track changes to object authorities on IBM i systems using the SYSTOOLS.AUDIT_JOURNAL_CA table function. This function allows you to monitor when authority settings are modified for both library objects and IFS (Integrated File System) objects.

What is AUDIT_JOURNAL_CA?

The SYSTOOLS.AUDIT_JOURNAL_CA table function retrieves audit journal entries of type CA (Change Authority), which are created whenever the authority of an object is changed. This is critical for:

  • Security Compliance: Track who modified object authorities and when
  • Audit Trail: Maintain records of security permission changes
  • Incident Investigation: Identify unauthorized authority modifications
  • Access Control: Monitor changes to user and group permissions

Environment

 

Prerequisites

System Requirements

  • IBM i 7.4 or higher (7.4, 7.5+)
  • Security auditing must be configured and active
  • QAUDJRN (security audit journal) must exist

Required Authority

To query the audit journal, you need:

  • *USE authority to the journal (QAUDJRN) and all requested journal receivers
  • *OBJEXIST authority to the journal if querying objects that no longer exist
  • Appropriate authorization to view security audit information

Additional Information

 

Tracking Authority Changes on IBM i

Table of Contents

 

Security Audit Configuration

Verify Audit Settings

Before using AUDIT_JOURNAL_CA, ensure auditing is properly configured:

DSPSECAUD

 

Required Settings:

Security journal QAUDJRN exists . . . . . :  YES    
Current QAUDCTL system value  . . . . . . : *AUDLVL
Current QAUDLVL system value  . . . . . . : *SECURITY

 

Enable Auditing (If Needed)

If auditing is not configured:

CHGSECAUD QAUDCTL(*AUDLVL) QAUDLVL(*SECURITY)
 
Important: Auditing must be active before authority changes occur. Historical data is only available if auditing was enabled at the time of the change.

 

Understanding IBM i Authority Levels

Standard Authority Levels

AuthorityObject AuthoritiesData Authorities
*ALL*OBJOPR, *OBJMGT, *OBJEXIST, *OBJALTER, *OBJREF*READ, *ADD, *UPD, *DLT, *EXECUTE
*CHANGE*OBJOPR*READ, *ADD, *UPD, *DLT, *EXECUTE
*USE*OBJOPR*READ, *EXECUTE
*EXCLUDENoneNone

Object Authorities Explained

AuthorityDescription
*OBJOPRObject operational - allows basic operations on the object
*OBJMGTObject management - allows granting/revoking authorities
*OBJEXISTObject existence - allows deleting, renaming, or moving the object
*OBJALTERObject alter - allows changing object attributes
*OBJREFObject reference - allows referencing the object

Data Authorities Explained

AuthorityDescription
*READRead data from the object
*ADDAdd new data to the object
*UPDUpdate existing data in the object
*DLTDelete data from the object
*EXECUTEExecute programs or use libraries

 

Tracking Library Object Authority Changes

SQL Query for Library Objects with Authority Mapping

This query tracks changes to authorities for objects in libraries and maps the authority levels:

WITH AUTHORITY_MAPPING AS (
    SELECT ENTRY_TIMESTAMP,
           QUALIFIED_JOB_NAME,
           JOB_USER,
           USER_NAME,
           OBJECT_NAME,
           OBJECT_LIBRARY AS LIBRARY_NAME,
           OBJECT_TYPE,
           AUTHORIZATION_LIST,
           -- Calculate previous authority level
           CASE
               WHEN PREV_OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN PREV_OBJECT_MANAGEMENT = 'YES' AND PREV_OBJECT_EXISTENCE = 'YES'
                    AND PREV_OBJECT_ALTER = 'YES' AND PREV_OBJECT_REFERENCE = 'YES' THEN '*ALL'
               WHEN PREV_DATA_ADD = 'YES' AND PREV_DATA_UPDATE = 'YES' AND PREV_DATA_DELETE = 'YES' THEN '*CHANGE'
               WHEN PREV_OBJECT_OPERATIONAL = 'YES' AND PREV_DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS PREV_OBJECT_AUTHORITY,
           -- Calculate new authority level
           CASE
               WHEN OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN OBJECT_MANAGEMENT = 'YES' AND OBJECT_EXISTENCE = 'YES'
                    AND OBJECT_ALTER = 'YES' AND OBJECT_REFERENCE = 'YES' THEN '*ALL'
               WHEN DATA_ADD = 'YES' AND DATA_UPDATE = 'YES' AND DATA_DELETE = 'YES' THEN '*CHANGE'
               WHEN OBJECT_OPERATIONAL = 'YES' AND DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS OBJECT_AUTHORITY,
           -- Map previous authority level
           CASE
               WHEN PREV_OBJECT_EXCLUDE = 'YES' THEN 'No Access'
               WHEN PREV_OBJECT_MANAGEMENT = 'YES' AND PREV_OBJECT_EXISTENCE = 'YES'
                    AND PREV_OBJECT_ALTER = 'YES' AND PREV_OBJECT_REFERENCE = 'YES' THEN 'Full Control'
               WHEN PREV_DATA_ADD = 'YES' AND PREV_DATA_UPDATE = 'YES' AND PREV_DATA_DELETE = 'YES' THEN 'Modify'
               WHEN PREV_OBJECT_OPERATIONAL = 'YES' AND PREV_DATA_READ = 'YES' THEN 'Read/Execute'
               ELSE 'User Defined'
           END AS PREV_AUTHORITY_LEVEL,
           -- Map new authority level
           CASE
               WHEN OBJECT_EXCLUDE = 'YES' THEN 'No Access'
               WHEN OBJECT_MANAGEMENT = 'YES' AND OBJECT_EXISTENCE = 'YES'
                    AND OBJECT_ALTER = 'YES' AND OBJECT_REFERENCE = 'YES' THEN 'Full Control'
               WHEN DATA_ADD = 'YES' AND DATA_UPDATE = 'YES' AND DATA_DELETE = 'YES' THEN 'Modify'
               WHEN OBJECT_OPERATIONAL = 'YES' AND DATA_READ = 'YES' THEN 'Read/Execute'
               ELSE 'User Defined'
           END AS NEW_AUTHORITY_LEVEL,
           PREV_OBJECT_EXCLUDE, OBJECT_EXCLUDE
    FROM TABLE(
        SYSTOOLS.AUDIT_JOURNAL_CA(
            STARTING_TIMESTAMP => CURRENT_TIMESTAMP - 30 DAYS,
            ENDING_TIMESTAMP => CURRENT_TIMESTAMP
        )
    ) AS CA
    WHERE OBJECT_LIBRARY IS NOT NULL
)
SELECT ENTRY_TIMESTAMP,
       JOB_USER,
       USER_NAME AS AFFECTED_USER,
       OBJECT_NAME,
       LIBRARY_NAME,
       OBJECT_TYPE,
       PREV_OBJECT_AUTHORITY AS PREV_AUTH,
       PREV_AUTHORITY_LEVEL,
       OBJECT_AUTHORITY AS NEW_AUTH,
       NEW_AUTHORITY_LEVEL,
       CASE
           WHEN PREV_OBJECT_EXCLUDE = 'YES' AND OBJECT_EXCLUDE = 'NO'
           THEN 'Access Granted'
           WHEN PREV_OBJECT_EXCLUDE = 'NO' AND OBJECT_EXCLUDE = 'YES'
           THEN 'Access Revoked'
           WHEN PREV_OBJECT_AUTHORITY < OBJECT_AUTHORITY
           THEN 'Authority Increased'
           WHEN PREV_OBJECT_AUTHORITY > OBJECT_AUTHORITY
           THEN 'Authority Decreased'
           ELSE 'Authority Modified'
       END AS CHANGE_TYPE,
       AUTHORIZATION_LIST
FROM AUTHORITY_MAPPING
ORDER BY ENTRY_TIMESTAMP DESC;

 

NOTES:

  • Update the date and time range values in the SQL statement to match the desired time range for your query.

 

Sample Results

ENTRY_TIMESTAMPJOB_USERAFFECTED_USEROBJECT_NAMELIBRARY_NAMEPREV_AUTHNEW_AUTHCHANGE_TYPE
2024-01-15 14:30:22SECADMINJSMITHPAYROLLPRODLIB*USE*CHANGEAuthority Increased
2024-01-15 10:15:45SECADMINDEVELOPERTESTPGMDEVLIB*ALL*CHANGEAuthority Decreased
2024-01-14 16:45:33ADMINTEMPUSERCUSTFILEAPPLIB*CHANGE*EXCLUDEAccess Revoked
2024-01-14 09:20:11QSECOFRDBADMINSECPGMQGPL*EXCLUDE*ALLAccess Granted

 

Tracking IFS Object Authority Changes

SQL Query for IFS Objects with Authority Mapping

This query tracks changes to authorities for objects in the Integrated File System:

WITH IFS_AUTHORITY_MAPPING AS (
    SELECT ENTRY_TIMESTAMP,
           JOB_USER,
           USER_NAME,
           PATH_NAME,
           CASE
               WHEN PREV_OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN PREV_OBJECT_MANAGEMENT = 'YES' AND PREV_OBJECT_EXISTENCE = 'YES' THEN '*ALL'
               WHEN PREV_DATA_ADD = 'YES' AND PREV_DATA_UPDATE = 'YES' THEN '*CHANGE'
               WHEN PREV_OBJECT_OPERATIONAL = 'YES' AND PREV_DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS PREV_OBJECT_AUTHORITY,
           CASE
               WHEN OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN OBJECT_MANAGEMENT = 'YES' AND OBJECT_EXISTENCE = 'YES' THEN '*ALL'
               WHEN DATA_ADD = 'YES' AND DATA_UPDATE = 'YES' THEN '*CHANGE'
               WHEN OBJECT_OPERATIONAL = 'YES' AND DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS OBJECT_AUTHORITY,
           CASE
               WHEN PATH_NAME LIKE '/home/%' THEN 'User Home Directory'
               WHEN PATH_NAME LIKE '/tmp/%' THEN 'Temporary Files'
               WHEN PATH_NAME LIKE '/QSYS.LIB/%' THEN 'QSYS Library'
               WHEN PATH_NAME LIKE '/QOpenSys/%' THEN 'Open Source'
               ELSE 'Other IFS'
           END AS IFS_LOCATION,
           PREV_OBJECT_EXCLUDE, OBJECT_EXCLUDE
    FROM TABLE(
        SYSTOOLS.AUDIT_JOURNAL_CA(
            STARTING_TIMESTAMP => CURRENT_TIMESTAMP - 30 DAYS
        )
    ) AS CA
    WHERE PATH_NAME IS NOT NULL
)
SELECT ENTRY_TIMESTAMP,
       JOB_USER,
       USER_NAME AS AFFECTED_USER,
       PATH_NAME,
       IFS_LOCATION,
       PREV_OBJECT_AUTHORITY AS PREV_AUTH,
       OBJECT_AUTHORITY AS NEW_AUTH,
       CASE
           WHEN PREV_OBJECT_EXCLUDE = 'YES' AND OBJECT_EXCLUDE = 'NO' THEN 'Access Granted'
           WHEN PREV_OBJECT_EXCLUDE = 'NO' AND OBJECT_EXCLUDE = 'YES' THEN 'Access Revoked'
           WHEN PREV_OBJECT_AUTHORITY < OBJECT_AUTHORITY THEN 'Authority Increased'
           WHEN PREV_OBJECT_AUTHORITY > OBJECT_AUTHORITY THEN 'Authority Decreased'
           ELSE 'Authority Modified'
       END AS CHANGE_TYPE
FROM IFS_AUTHORITY_MAPPING
ORDER BY ENTRY_TIMESTAMP DESC;

 

NOTES:

  • Update the date and time range values in the SQL statement to match the desired time range for your query.

Sample Results

ENTRY_TIMESTAMPJOB_USERAFFECTED_USERPATH_NAMEIFS_LOCATIONPREV_AUTHNEW_AUTHCHANGE_TYPE
2024-01-15 15:45:22SECADMINAPPUSER/home/apps/config/app.confUser Home Directory*USE*CHANGEAuthority Increased
2024-01-15 11:30:15ADMINDEVELOPER/QOpenSys/etc/config.iniOpen Source*CHANGE*USEAuthority Decreased
2024-01-14 14:20:45QSECOFRTEMPUSER/tmp/sensitive_data.txtTemporary Files*ALL*EXCLUDEAccess Revoked

 

Best Practices

1. Regular Monitoring

  • Schedule periodic reviews of authority changes
  • Alert on critical changes (e.g., *ALL authority granted, *EXCLUDE applied)
  • Archive audit data for long-term compliance
  • Monitor authorization list changes

 

2. Filtering Strategies

-- Focus on recent changes
WHERE ENTRY_TIMESTAMP > CURRENT_TIMESTAMP - 7 DAYS

-- Monitor specific users
WHERE USER_NAME = 'CRITICALUSER'

-- Track authority increases
WHERE OBJECT_AUTHORITY > PREV_OBJECT_AUTHORITY

-- Monitor production libraries
WHERE LIBRARY_NAME IN ('PRODLIB', 'SECLIB')

-- Track access revocations
WHERE OBJECT_AUTHORITY = '*EXCLUDE'

 

3. Security Considerations

  • Restrict access to audit journal queries
  • Log who runs audit reports
  • Implement alerts for unauthorized authority changes
  • Document baseline authority settings
  • Review authorization list memberships

 

4. Performance Optimization

For large audit journals:

-- Use specific time ranges
STARTING_TIMESTAMP => '2024-01-01 00:00:00',
ENDING_TIMESTAMP => '2024-01-31 23:59:59'

-- Limit result sets
FETCH FIRST 1000 ROWS ONLY

-- Filter by specific objects or users
WHERE OBJECT_NAME = 'CRITICALFILE'
  AND USER_NAME IN ('USER1', 'USER2')

 

Advanced Queries

Example 1: Track All Authority Escalations

Identify when users receive increased authorities:

WITH AUTHORITY_CALC AS (
    SELECT ENTRY_TIMESTAMP,
           JOB_USER,
           USER_NAME,
           COALESCE(OBJECT_NAME, PATH_NAME) AS OBJECT_IDENTIFIER,
           COALESCE(OBJECT_LIBRARY, 'IFS') AS LOCATION,
           CASE
               WHEN PREV_OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN PREV_OBJECT_MANAGEMENT = 'YES' AND PREV_OBJECT_EXISTENCE = 'YES' THEN '*ALL'
               WHEN PREV_DATA_ADD = 'YES' AND PREV_DATA_UPDATE = 'YES' THEN '*CHANGE'
               WHEN PREV_OBJECT_OPERATIONAL = 'YES' AND PREV_DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS PREV_OBJECT_AUTHORITY,
           CASE
               WHEN OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN OBJECT_MANAGEMENT = 'YES' AND OBJECT_EXISTENCE = 'YES' THEN '*ALL'
               WHEN DATA_ADD = 'YES' AND DATA_UPDATE = 'YES' THEN '*CHANGE'
               WHEN OBJECT_OPERATIONAL = 'YES' AND DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS OBJECT_AUTHORITY,
           PREV_OBJECT_EXCLUDE,
           OBJECT_EXCLUDE
    FROM TABLE(
        SYSTOOLS.AUDIT_JOURNAL_CA(
            STARTING_TIMESTAMP => CURRENT_TIMESTAMP - 90 DAYS
        )
    ) AS CA
)
SELECT ENTRY_TIMESTAMP,
       JOB_USER AS GRANTED_BY,
       USER_NAME AS GRANTED_TO,
       OBJECT_IDENTIFIER,
       LOCATION,
       PREV_OBJECT_AUTHORITY,
       OBJECT_AUTHORITY,
       CASE
           WHEN PREV_OBJECT_EXCLUDE = 'YES' AND OBJECT_EXCLUDE = 'NO' THEN 'Access Granted'
           WHEN PREV_OBJECT_AUTHORITY = '*USE' AND OBJECT_AUTHORITY = '*CHANGE' THEN 'Elevated to Modify'
           WHEN PREV_OBJECT_AUTHORITY = '*USE' AND OBJECT_AUTHORITY = '*ALL' THEN 'Elevated to Full Control'
           WHEN PREV_OBJECT_AUTHORITY = '*CHANGE' AND OBJECT_AUTHORITY = '*ALL' THEN 'Elevated to Full Control'
           ELSE 'Authority Increased'
       END AS ESCALATION_TYPE
FROM AUTHORITY_CALC
WHERE OBJECT_AUTHORITY > PREV_OBJECT_AUTHORITY
   OR (PREV_OBJECT_EXCLUDE = 'YES' AND OBJECT_EXCLUDE = 'NO')
ORDER BY ENTRY_TIMESTAMP DESC;

 

Example 2: Monitor Critical Object Authority Changes

Track authority changes on production objects:

WITH AUTHORITY_CALC AS (
    SELECT ENTRY_TIMESTAMP,
           JOB_USER,
           USER_NAME,
           OBJECT_NAME,
           OBJECT_LIBRARY,
           OBJECT_TYPE,
           CASE
               WHEN PREV_OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN PREV_OBJECT_MANAGEMENT = 'YES' AND PREV_OBJECT_EXISTENCE = 'YES' THEN '*ALL'
               WHEN PREV_DATA_ADD = 'YES' AND PREV_DATA_UPDATE = 'YES' THEN '*CHANGE'
               WHEN PREV_OBJECT_OPERATIONAL = 'YES' AND PREV_DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS PREV_OBJECT_AUTHORITY,
           CASE
               WHEN OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN OBJECT_MANAGEMENT = 'YES' AND OBJECT_EXISTENCE = 'YES' THEN '*ALL'
               WHEN DATA_ADD = 'YES' AND DATA_UPDATE = 'YES' THEN '*CHANGE'
               WHEN OBJECT_OPERATIONAL = 'YES' AND DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS OBJECT_AUTHORITY
    FROM TABLE(
        SYSTOOLS.AUDIT_JOURNAL_CA(
            STARTING_TIMESTAMP => CURRENT_TIMESTAMP - 7 DAYS
        )
    ) AS CA
    WHERE OBJECT_LIBRARY IN ('PRODLIB', 'APPLIB', 'DATALIB', 'SECLIB')
)
SELECT ENTRY_TIMESTAMP,
       JOB_USER,
       USER_NAME,
       OBJECT_NAME,
       OBJECT_LIBRARY AS LIBRARY_NAME,
       OBJECT_TYPE,
       PREV_OBJECT_AUTHORITY,
       OBJECT_AUTHORITY,
       CASE
           WHEN OBJECT_AUTHORITY = '*ALL' THEN '⚠️ CRITICAL - Full Control Granted'
           WHEN OBJECT_AUTHORITY = '*EXCLUDE' THEN '⚠️ WARNING - Access Revoked'
           WHEN PREV_OBJECT_AUTHORITY = '*ALL' THEN '⚠️ NOTICE - Full Control Removed'
           ELSE 'Authority Modified'
       END AS SECURITY_IMPACT
FROM AUTHORITY_CALC
ORDER BY
    CASE
        WHEN OBJECT_AUTHORITY = '*ALL' THEN 1
        WHEN OBJECT_AUTHORITY = '*EXCLUDE' THEN 2
        ELSE 3
    END,
    ENTRY_TIMESTAMP DESC;

 

Example 3: Authority Change Summary Report

Generate a summary of authority changes by user:

WITH AUTHORITY_CALC AS (
    SELECT USER_NAME,
           JOB_USER,
           CASE
               WHEN PREV_OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN PREV_OBJECT_MANAGEMENT = 'YES' AND PREV_OBJECT_EXISTENCE = 'YES' THEN '*ALL'
               WHEN PREV_DATA_ADD = 'YES' AND PREV_DATA_UPDATE = 'YES' THEN '*CHANGE'
               WHEN PREV_OBJECT_OPERATIONAL = 'YES' AND PREV_DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS PREV_OBJECT_AUTHORITY,
           CASE
               WHEN OBJECT_EXCLUDE = 'YES' THEN '*EXCLUDE'
               WHEN OBJECT_MANAGEMENT = 'YES' AND OBJECT_EXISTENCE = 'YES' THEN '*ALL'
               WHEN DATA_ADD = 'YES' AND DATA_UPDATE = 'YES' THEN '*CHANGE'
               WHEN OBJECT_OPERATIONAL = 'YES' AND DATA_READ = 'YES' THEN '*USE'
               ELSE '*USER_DEF'
           END AS OBJECT_AUTHORITY
    FROM TABLE(
        SYSTOOLS.AUDIT_JOURNAL_CA(
            STARTING_TIMESTAMP => CURRENT_TIMESTAMP - 30 DAYS
        )
    ) AS CA
)
SELECT USER_NAME,
       COUNT(*) AS TOTAL_CHANGES,
       SUM(CASE WHEN OBJECT_AUTHORITY = '*ALL' THEN 1 ELSE 0 END) AS FULL_CONTROL_GRANTED,
       SUM(CASE WHEN OBJECT_AUTHORITY = '*EXCLUDE' THEN 1 ELSE 0 END) AS ACCESS_REVOKED,
       SUM(CASE WHEN OBJECT_AUTHORITY > PREV_OBJECT_AUTHORITY THEN 1 ELSE 0 END) AS AUTHORITY_INCREASED,
       SUM(CASE WHEN OBJECT_AUTHORITY < PREV_OBJECT_AUTHORITY THEN 1 ELSE 0 END) AS AUTHORITY_DECREASED,
       COUNT(DISTINCT JOB_USER) AS MODIFIED_BY_USERS
FROM AUTHORITY_CALC
GROUP BY USER_NAME
HAVING COUNT(*) > 0
ORDER BY TOTAL_CHANGES DESC;

 

Troubleshooting

Issue: No Results Returned

Possible Causes:

  1. Auditing Not Configured: Verify QAUDCTL and QAUDLVL system values
  2. No Changes Made: Confirm authority changes were actually made during the time period
  3. Insufficient Authority: Verify you have required journal authorities
  4. Incorrect Time Range: Expand the STARTING_TIMESTAMP and ENDING_TIMESTAMP

Issue: Performance Concerns

Solutions:

  1. Narrow Time Range: Use specific timestamps rather than broad ranges
  2. Add Filters: Include WHERE clauses for specific objects or users
  3. Use FETCH FIRST: Limit result sets with FETCH FIRST n ROWS ONLY
  4. Index Considerations: Ensure appropriate indexes exist on filtered columns

 

Additional Resources

 

Summary

The SYSTOOLS.AUDIT_JOURNAL_CA table function provides powerful capabilities for tracking authority changes on IBM i systems:

  • Library Objects: Monitor authority changes for traditional IBM i objects (*FILE, *PGM, etc.)
  • IFS Objects: Track authority modifications for files and directories in the Integrated File System
  • Authority Mapping: Understand the specific object and data authorities granted or revoked
  • Security Compliance: Maintain comprehensive audit trails of permission changes
  • Incident Response: Quickly identify when and by whom authorities were modified

 

By implementing these queries and best practices, you can maintain robust security monitoring and ensure compliance with access control requirements on your IBM i systems.

 

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB68","label":"Power HW"},"Business Unit":{"code":"BU070","label":"IBM Infrastructure"},"Product":{"code":"SWG60","label":"IBM i"},"ARM Category":[{"code":"a8m0z0000000CHyAAM","label":"Security"}],"ARM Case Number":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"and future releases;7.4.0;7.5.0;7.6.0"}]

Document Information

Modified date:
04 June 2026

UID

ibm17275008

Page Feedback