Chapter 6. Managing Security For Logical Partitions - IBM AS/400e Manual
Logical partitions: managing
Hide thumbs
Also See for AS/400e:
- User manual (19 pages) ,
- User handbook manual (834 pages) ,
- Manual (85 pages)
Table of Contents
Advertisement
Chapter 6. Managing security for logical partitions
The security-related tasks you perform on a partitioned system are the same as on a system without
logical partitions. However, when you create logical partitions, you work with more than one independent
system. Therefore you will have to perform the same tasks on each logical partition instead of just once on
a system without logical partitions.
Here are some basic rules to remember when dealing with security on logical partitions:
v You add users to the system one logical partition at a time. You need to add your users to each logical
partition you want them to access.
v Limit the number of people who have authority to go to dedicated service tools (DST) and system
service tools (SST) on the primary partition. Refer to the table in Controlling your logical partitions with
DST and SST for more information on DST and SST.
v Secondary partitions cannot see or use main storage and disk units of another logical partition.
v Secondary partitions can only see their own hardware resources.
v The primary partition can see all system hardware resources in the Work with System Partitions
displays of DST and SST.
v The primary partition operating system still only sees its resources available.
v The system control panel controls the primary partition. When you set the panel mode to Secure, no
actions can be performed on the Work with Partition Status display from SST. To force DST from the
system control panel, you must change the mode to Manual.
v When you set the operating mode of a secondary partition to secure, you restrict the usage of its Work
with Partition Status display in these ways:
– You can only use DST on the secondary partition to change partition status; you cannot use SST to
change partition status.
– You can only force DST on the secondary partition from the primary partition Work with Partition
Status display using either DST or SST.
– You can only use DST on the primary partition to change a secondary partition mode from secure to
any other value.
Once a secondary partition's mode is no longer secure, you can use both DST and SST on the
secondary partition to change partition status.
For more information on security on your AS/400 refer to the book OS/400 Security-Reference
the Basic system security and planning pages of the Information Center.
© Copyright IBM Corp. 1998,2000
and
35
Advertisement
Table of Contents
