Work with Operators for Authority on Demand and Password Reset

iSecurity related objects are secured automatically by product authorization lists (named security1P). This strengthens the internal security of the product. It is essential that you use Work with Operators to define all users who have *SECADM, *AUDIT or *AUD#SECAD privileges, but do not have all object authority. The Work with Operators screen has Usr (user management) and Adm (administrator) for all activities related to tasks such as starting, stopping subsystems, jobs, and import/export. iSecurity automatically adds all users listed in Work with Operators to the appropriate product authorization list.

1. Select 12. Work with AOD, P-R Operators in the BASE Support menu (STRAUD> 89 > 12). The Work with Operators screen appears.

​                           ​ Work with Operators​                                                                                                                   ​ Type options, press Enter.                 ​                                       ​ 1=Select   4=Delete​  ​ Authority level: 1=*USE​ ​ 9=*FULL​                                                                                                         ​ Opt​ User​         ​ System​   ​ AOD​ ​ P-R​ ​ MFA​ ​ Adm​                                  ​ ​  ​ ​ *AUD#SECAD​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ ADAM      ​   ​ RLDEV   ​  ​ 4​   ​  ​   ​  ​   ​ 9​                                    ​  ​ ​ AMNON     ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ CS        ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ OD        ​   ​ RLDEV   ​  ​ 9​   ​ 5​   ​ 9​   ​ 9​                                    ​  ​ ​ QSECOFR   ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ TEST      ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​  ​   ​  ​                                    ​  ​ ​ TEVG      ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ VV1       ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                                                                                                                                                                                                                                                                                                                                        ​       Bottom​  ​ AOD=Authority on Demand​  ​ PR=Password Reset​   ​ MFA=Multi Factor Authentication​                                                 ​ Adm=Administrator​                ​ F3=Exit    F6=Add new​   ​ F8=Print​  ​ F11=*SECADM/*AUDIT authority​  ​ F12=Cancel​                                                                                    ​                                                                                 ​

2. Type 1 next to the user to modify his authorities (or press F6 to add a new user). The Modify Operator screen appears.

​                                ​ Modify Operator​                                                                                                                  ​ Type choices, press Enter.                                                    ​                                                                                   ​ Operator  . . . . . . . . . .​  ​ *AUD#SECAD​                                      ​ System  . . . . . . . . . . .​  ​ RLDEV   ​       ​ *ALL, Name          ​            ​ Operator password . . . . . .​  ​ *SAME     ​     ​ Name, *SAME, *BLANK​                                                                                              ​ Authorities by subject:​                                                         ​ Authority on Demand . . . . .​  ​ 9​              ​ 1=*USE, 4=Limited *EMERGENCY​                                                    ​ 5=*EMERGENCY, 8=Limited *FULL​                                                   ​ 9=*FULL​                         ​ Password Reset  . . . . . . .​  ​ 9​              ​ 1=*USE, 5=*WEAK, 9=*FULL ​       ​ Multi Factor Authentication .​  ​ 9​              ​ 1=*USE, 9=*FULL          ​       ​ Product Administrator . . . .​  ​ 9​              ​ 1=*USE, 9=*FULL​                                                                                                  ​ Note: Emergency operator can enable or modify emergency rules. This allows  ​          ​ solving of critical problems without the intervention of the security ​          ​ administrator.                                                        ​    ​      ​ The term Limited denotes that the user cannot change PIN codes.​                                                                                            ​ F3=Exit​   ​ F12=Cancel​                                                                                                                                            ​                                                                                 ​