Hi, 

I thought I could get my authorization lists back on objects by restoring the user profile pvtaut then doing a rstaut from a savsecdta backkup but it's not working. 

I'm grabbing that savsecdta from a system where the authorities are intact and I'm trying to restore them on a different development system. The source system is at v7r4 and I just recently upgraded the target system to v7r5. Would that be an issue? 

------------------------------
Michael Cramer
------------------------------

Hi, 

I thought I could get my authorization lists back on objects by restoring the user profile pvtaut then doing a rstaut from a savsecdta backkup but it's not working. 

I'm grabbing that savsecdta from a system where the authorities are intact and I'm trying to restore them on a different development system. The source system is at v7r4 and I just recently upgraded the target system to v7r5. Would that be an issue? 

This IBM i save/restore chart I attach herewith can be a useful future reference for you. 

Hi, 

I thought I could get my authorization lists back on objects by restoring the user profile pvtaut then doing a rstaut from a savsecdta backkup but it's not working. 

I'm grabbing that savsecdta from a system where the authorities are intact and I'm trying to restore them on a different development system. The source system is at v7r4 and I just recently upgraded the target system to v7r5. Would that be an issue? 

Hi Satid, 

I shouldn't have to delete the objects and use *all on the rstusrprf. These objects are all owned by one single profile so that's the one I'm restoring. Same with the rstaut. And yes, I already looked at a google search and IBM documentation. That's how I came up with this procedure. 

Another thing is the *all on the rstaut requires a restricted state which I'm trying to avoid. 

This IBM i save/restore chart I attach herewith can be a useful future reference for you. 

Hi, 

I thought I could get my authorization lists back on objects by restoring the user profile pvtaut then doing a rstaut from a savsecdta backkup but it's not working. 

I'm grabbing that savsecdta from a system where the authorities are intact and I'm trying to restore them on a different development system. The source system is at v7r4 and I just recently upgraded the target system to v7r5. Would that be an issue? 

Dear Michael

If you do not want to delete the objects and run RSTUSRPRF *ALL, then the only alternative is to use GRTOBJAUT command for each AUTL you want to recover for the objects in your target system. In this attempt, you may consider using IBM i service AUTHORIZATION_LIST_INFO (and perhaps also AUTHORIZATION_LIST_USER_INFO) to compare AUTL details between your source and target systems before you know which AUTL you need to recover. 

Hi Satid, 

I shouldn't have to delete the objects and use *all on the rstusrprf. These objects are all owned by one single profile so that's the one I'm restoring. Same with the rstaut. And yes, I already looked at a google search and IBM documentation. That's how I came up with this procedure. 

Another thing is the *all on the rstaut requires a restricted state which I'm trying to avoid. 

This IBM i save/restore chart I attach herewith can be a useful future reference for you. 

Hi, 

I thought I could get my authorization lists back on objects by restoring the user profile pvtaut then doing a rstaut from a savsecdta backkup but it's not working. 

I'm grabbing that savsecdta from a system where the authorities are intact and I'm trying to restore them on a different development system. The source system is at v7r4 and I just recently upgraded the target system to v7r5. Would that be an issue? 

Yes, I've been using that sql function to compare systems. Thanks. 

But why can't I restore that one needed profile and use the same one on the rstaut? I think we are missing some details here because to me that should work. 

Also, what does deleting and restoring the objects buy me at this point? 

Dear Michael

If you do not want to delete the objects and run RSTUSRPRF *ALL, then the only alternative is to use GRTOBJAUT command for each AUTL you want to recover for the objects in your target system. In this attempt, you may consider using IBM i service AUTHORIZATION_LIST_INFO (and perhaps also AUTHORIZATION_LIST_USER_INFO) to compare AUTL details between your source and target systems before you know which AUTL you need to recover. 

Hi Satid, 

I shouldn't have to delete the objects and use *all on the rstusrprf. These objects are all owned by one single profile so that's the one I'm restoring. Same with the rstaut. And yes, I already looked at a google search and IBM documentation. That's how I came up with this procedure. 

Another thing is the *all on the rstaut requires a restricted state which I'm trying to avoid. 

This IBM i save/restore chart I attach herewith can be a useful future reference for you. 

Hi, 

I thought I could get my authorization lists back on objects by restoring the user profile pvtaut then doing a rstaut from a savsecdta backkup but it's not working. 

I'm grabbing that savsecdta from a system where the authorities are intact and I'm trying to restore them on a different development system. The source system is at v7r4 and I just recently upgraded the target system to v7r5. Would that be an issue? 

• You must specify USRPRF(*ALL) or USRPRF(*NEW) to restore authorization lists and authority holders.

https://www.ibm.com/docs/en/i/7.5?topic=ssw_ibm_i_75/cl/rstusrprf.html

Also 7.5 changed.  "If *ALL is specified for the User profile (USRPRF) parameter on the Restore User Profiles (RSTUSRPRF) command, it is no longer required that all other operations on the system be ended."  https://www.ibm.com/docs/en/i/7.5?topic=rys-whats-new-i-75

Yes, I've been using that sql function to compare systems. Thanks. 

But why can't I restore that one needed profile and use the same one on the rstaut? I think we are missing some details here because to me that should work. 

Also, what does deleting and restoring the objects buy me at this point? 

Dear Michael

If you do not want to delete the objects and run RSTUSRPRF *ALL, then the only alternative is to use GRTOBJAUT command for each AUTL you want to recover for the objects in your target system. In this attempt, you may consider using IBM i service AUTHORIZATION_LIST_INFO (and perhaps also AUTHORIZATION_LIST_USER_INFO) to compare AUTL details between your source and target systems before you know which AUTL you need to recover. 

Hi Satid, 

I shouldn't have to delete the objects and use *all on the rstusrprf. These objects are all owned by one single profile so that's the one I'm restoring. Same with the rstaut. And yes, I already looked at a google search and IBM documentation. That's how I came up with this procedure. 

Another thing is the *all on the rstaut requires a restricted state which I'm trying to avoid. 

This IBM i save/restore chart I attach herewith can be a useful future reference for you. 

Hi, 

I thought I could get my authorization lists back on objects by restoring the user profile pvtaut then doing a rstaut from a savsecdta backkup but it's not working. 

I'm grabbing that savsecdta from a system where the authorities are intact and I'm trying to restore them on a different development system. The source system is at v7r4 and I just recently upgraded the target system to v7r5. Would that be an issue? 

if that's a must to specify *all, why is a single user profile allowed with *pvtaut then? this doesn't make sense. 

• You must specify USRPRF(*ALL) or USRPRF(*NEW) to restore authorization lists and authority holders.

https://www.ibm.com/docs/en/i/7.5?topic=ssw_ibm_i_75/cl/rstusrprf.html

Also 7.5 changed.  "If *ALL is specified for the User profile (USRPRF) parameter on the Restore User Profiles (RSTUSRPRF) command, it is no longer required that all other operations on the system be ended."  https://www.ibm.com/docs/en/i/7.5?topic=rys-whats-new-i-75

Yes, I've been using that sql function to compare systems. Thanks. 

But why can't I restore that one needed profile and use the same one on the rstaut? I think we are missing some details here because to me that should work. 

Also, what does deleting and restoring the objects buy me at this point? 

Dear Michael

If you do not want to delete the objects and run RSTUSRPRF *ALL, then the only alternative is to use GRTOBJAUT command for each AUTL you want to recover for the objects in your target system. In this attempt, you may consider using IBM i service AUTHORIZATION_LIST_INFO (and perhaps also AUTHORIZATION_LIST_USER_INFO) to compare AUTL details between your source and target systems before you know which AUTL you need to recover. 

Hi Satid, 

I shouldn't have to delete the objects and use *all on the rstusrprf. These objects are all owned by one single profile so that's the one I'm restoring. Same with the rstaut. And yes, I already looked at a google search and IBM documentation. That's how I came up with this procedure. 

Another thing is the *all on the rstaut requires a restricted state which I'm trying to avoid. 

This IBM i save/restore chart I attach herewith can be a useful future reference for you. 

Hi, 

I thought I could get my authorization lists back on objects by restoring the user profile pvtaut then doing a rstaut from a savsecdta backkup but it's not working. 

I'm grabbing that savsecdta from a system where the authorities are intact and I'm trying to restore them on a different development system. The source system is at v7r4 and I just recently upgraded the target system to v7r5. Would that be an issue?