Backup and recovery of security information
Saving your security information is just as important as saving your data. In some situations, you might need to recover user profiles, object authorities, and the data on your system. If you do not have your security information saved, you might need to manually rebuild user profiles and object authorities. This can be time-consuming and can lead to errors and security exposures.
This topic includes information on the following topics:
- How security information is saved and restored
- How security affects saving and restoring objects
- Security issues associated with *SAVSYS special authority
Planning adequate backup and recovery procedures for security information requires understanding how the information is stored, saved, and restored.
Table 1 shows the commands that are used to save and restore security information. The sections that follow discuss saving and restoring security information in more detail.
Security information saved or restored | Save and restore commands used | |||||
---|---|---|---|---|---|---|
SAVSECDTA SAVSYS | SAVCHGOBJ SAVOBJ SAVLIB SAVDLO SAVCFG | RSTUSRPRF | RSTOBJ RSTLIB RSTDLO RSTCFG | RSTAUT | RSTDFROBJ | |
User profiles | X | X | ||||
Object ownership 1 | X | X | X | |||
Primary group 1 | X | X | X | |||
Public authorities 1 | X | X | X | |||
Private authorities3 | X | X | X | X | X | X |
Authorization lists | X | X | ||||
Authority holders | X | X | ||||
Link with the authorization list and authority holders | X | X | ||||
Object auditing value | X | X | ||||
Function registration information 2 | X | X | ||||
Function usage information | X | X | X | |||
Validation lists | X | X | ||||
Server Authentication Entries | X | X | ||||
|