SAFENET/400
MP Associates of Westchester, Inc
How to contact us
Table of Contents
10.7
10.1
10.3
10.9
Navigating through the screens
Group Profiles
Logging Level R
Setting the User Logging Levels
Logging Level a
Logging Level N
SafeNet Administrator
Super Trusted User Control
Entering User Security Levels
Maintain User to Server Security screen appears
ALL Active Servers
Add New Object Authorization screen appears
Entering User Authorities to Objects
Work User to Object Security screen is displayed
Not Allowed for object
Not Allowed for library
Reminder
Exclusions
Copyright 2008 MP Associates of Westchester, Inc V8.50 May
Type the user profile, the Group or *PUBLIC, then Enter
Entering User Authorities to SQL Statements
Work User to SQL Statements screen is displayed
Maintain Authorized SQL Statements screen appears
Copyright 2008 MP Associates of Westchester, Inc V8.50 May
Entering User Authorities to FTP Statements
Type the user profile or *PUBLIC then Enter
Work with Authorized FTP Statements screen appears
Encrypted
Path
Name Format
Using FTP Client
Using FTP Server
List Format
Work User to CL Commands, Enter User ID screen is displayed
Maintain Authorized CL Commands screen appears
Type each CL command that this user is permitted to use
Copyright 2008 MP Associates of Westchester, Inc
Entering Long Path Names
Maintain Path Names screen appears
Copyright 2008 MP Associates of Westchester, Inc
Copy SafeNet User/Authorities screen is displayed
Removing a User from SafeNet/400
Remove Users from SafeNet screen appears
Maintain all Security for a User
Setting up Time of Day Controls
Authorized to At this time?
User Time-of-Day Maintenance screen appears
Type the user profile, Enter and then press F10
Copyright 2008 MP Associates of Westchester, Inc V8.50 May
Copyright 2008 MP Associates of Westchester, Inc
Setting UP Servers
SafeNet/400 Server Function Security Levels
Level
Level
Setting the Server Function Logging Levels
Basic Server Security Supported by all Servers
Intermediate Server Security Supported by all Servers
Advanced Server Security Supported by Specific Servers
Recommended Server Settings
Level 1, Log None
Distributed Data Management
Level 1, Log None Level 3, Log All Limit user
Pwrdwnsys
Level 1, Log All Log all requests
Entering Server Function Security Levels
Maintain Server Security screen is displayed
Copyright 2008 MP Associates of Westchester, Inc
Customer Exit Programs
Copyright 2008 MP Associates of Westchester, Inc
Setting up Telnet
Controlling Telnet Access by IP Address
Restricting Access to Specific Device Names
Setting the Required Password Type
Enter the password type 0 or 1 is required
Allow Auto Signon
Logging of Telnet Sessions
Setting up TCP/IP Address Controls
Turning on TCP/IP Address Checking
Type Wrksrv
Setting up TCP/IP Address Control Table
Example
Copyright 2008 MP Associates of Westchester, Inc
Anonymous FTP Logon
Use Wrktcpipa *FTPCLIENT
Parameter Screen Selections Value Description
Use Wrktcpipa *FTPSERVER
Libname
Profilename
Recommended that you leave this as
Password of *NONE and *USER for
Pword
Setting up for Anonymous FTP
Example
Locate the FTP Logon Server point
Page
Setting up for Normal User IDs and FTP Servers
Select Option 6 Work with User to CL Command Security
Page
Dynamic Host Configuration Protocol
Working with Dhcp
Dhcp Control and Reports Menu appears
Current Dhcp Activity
Copyright 2008 MP Associates of Westchester, Inc
Maintaining MAC Addresses
Fixed IP Addresses
Purging Expired Dhcp Lease Information
Ping Checker
Reports
Setup Reports
Usage Reports
Copyright 2008 MP Associates of Westchester, Inc
Testing Your Security Settings
Security Report by User in test mode Menu SN4, Option
Copyright 2008 MP Associates of Westchester, Inc
Security Levels to Check field
Copyright 2008 MP Associates of Westchester, Inc
Copyright 2008 MP Associates of Westchester, Inc V8.50 May
Batch Transaction Test Review/Report Security Report by User
On the Print Security Report screen fill in the following
Copyright 2008 MP Associates of Westchester, Inc V8.50 May
Copyright 2008 MP Associates of Westchester, Inc
Recommended approach to testing
Pcreview
Copyright 2008 MP Associates of Westchester, Inc V8.50 May
Copyright 2008 MP Associates of Westchester, Inc
Log file Purge
To perform a standard purge
Strprg DAYS060
To purge the log and archive the records
Strprgarc DAYS060 ARC*YES PRT*YES PRTR*NO RMVDEL*NO
Automating the log file purge
Automating the One Step Security Report
Strprgarc DAYS005
Strprgarc DAYS001
Daily Backup Procedure
Enter command Chgspcset LOGALL*NO
Chgspcset LOGALL*YES to begin logging
Copyright 2008 MP Associates of Westchester, Inc
De-activating SafeNet/400
Before de-activating
To activate or de-activate SafeNet/400
Removing SafeNet/400 from your system
Copyright 2008 MP Associates of Westchester, Inc
Error Message Received on the System
10.1
10.2
Error Message Received on the Client
Check the request log for a ‘REJECTED’ response
10.3
10.4
10.5
If you still cannot resolve the problem
Also try Endtcpsvr *ALL, Endhostsvr *ALL then Strtcp
10.6
Examples of Client Error Messages
10.7
10.8
Error Codes which Appear in the Log
10.9
10.10
Additional Troubleshooting Tips
10.11
10.12
Resetting Level 5 within SafeNet/400
11.1
Select Option 6 Activate/De-Activate SafeNet/400
11.2
Pre-Power Down Program Point
11.3
Using Automatic Alert Notification
11.4
Activating SafeNet/400 Alert Notification
Creating a Distribution List
11.5
SafeNet/400 RQD
Profile Swapping
OPT
11.6
Setting up a Swap Profile
Maintain Authorized Swap Profiles screen appears
11.7
Journaling SafeNet/400 Security Files
11.8
Traparcw File
Errord File
Files Contained in SafeNet/400
11.9
Trapod File
11.10
SafeNet/400 Commands
Commands Description
11.11
11.12
Wrkusrsec
11.13
11.14
Server Function Descriptions
12.1
Original Servers
12.2
Format Name
Where used
Server Identifier
Levels Supported
12.4
Limitations
12.5
12.6
Usrlibl ALL
12.7
12.8
Original Message Server Description Original Message Server
12.9
12.10
12.11
12.12
Optimized Servers
12.13
12.14
12.15
12.16
12.17
12.18
Access to System i5 database through Odbc interface
12.19
Database Server Entry Description Database Server Entry
Usage
12.21
12.22
12.23
12.24
12.25
Data Queue Server Description Data Queue Server
12.26
12.27
12.28
Windows Explorer and other applications
Access to entire file system
File Server Description File Server
12.29
Allflr ALL
12.30
Personnel ALL
12.31
PAYROLL.LI SALARY.FIL
12.32
Recommended Setting Level 4, Log All
Usage Notes/Limitations
12.33
12.34
FTP Logon Server Description FTP Logon Server 1
12.35
FTP Logon Server Description FTP Logon Server 2
12.36
FTP Logon Server Description FTP Logon Server 3
12.37
12.38
12.39
12.40
Pre-Power Down Description Pre-Power Down Server
12.41
12.42
Rexec Logon Server Description Rexec Logon Server 1
Usage Notes
12.43
Rexec Logon Server Description Rexec Logon Server 2
12.44
12.45
Important Notes on setting up a user for ShowCase** Strategy
12.46
TCP Signon Server Description TCP Signon Server
12.47
12.48
12.49
Server Identifier Format
12.50
Index
Public
