Guest.Visitor
07-24-2002, 09:56 PM
I don't know that this is a change to V5R1 - it is more likely something has changed in the way your users are authorized to the virtual device objects. In order to delete an object (any object) you have to have Object Existence (*OBJEXIST) rights to that object. Sure, *IOSYSCFG special authority is required to work with communications objects like Virtual devices, and it makes sense that in certain circumstances you'll need *JOBCTL special authority in order to end a job that could be attached to the device description, but neither of those special authorities will give you the specific right to delete a device description object. To solve your problem, consider putting all off your existing virtual devices into an Authorization list, and then authorizing selected users to delete the objects in that authorization list. Then, when new virtual devices are created by something like Telnet, the new device will assume the authority properties of the old device (including the authorization list) and your administrators will have the requisite authority to delte them. Also, rather than give these users a command line that adopts widespread authority, consider using a more tightly scripted adopted authority routine that does exactly what you want, and only what you want. A three line CL program with selective prompting like the one below can be used to adopt authority and only permit a single action – surely a better option than the unrestricted command likne prompt. PGM DLTDEVD ??DEVD() ENDPGM Try the command at a selective command prompt at a command line and see how it works. jte