Overview of restoring authorities

When you run the Restore Authority (RSTAUT) command, the system restores authority for a specific user profile, a list of user profiles, or all user profiles.

If you restore authority for all users, the RSTAUT command restores authority by using every authority reference table it finds on the system. If you restore a single user profile to the system because it was damaged, deleted, or is being moved from another system, you can also use RSTAUT and specify that profile name to restore authorities for that user profile.

You can also restore authority for a specific profile or a list of profiles. For example, if you have restored a single user profile to the system because it was damaged, you can also use the RSTAUT command and specify that profile name.

When you run RSTAUT USRPRF(*ALL), you will receive status message CPI3821 informing you of the current number of user profiles for which restore authority is complete after each authority reference table is processed.

You can run the RSTAUT command regardless of whether a system is in a restricted state. However, there are differences between running RSTAUT on systems in a restricted state and running RSTAUT on systems in a nonrestricted state. These differences include system performance, job log appearance, and object availability. More information is provided below.

Restoring authorities should be the last thing you do before performing an initial program load (IPL), in a recovery. If you restore authorities and accept the default parameter for RSTAUT SAVASPDEV(*ALLAVL), but you still have additional restore operations to perform, you might need to restore security data and restore authority again after the additional restore operations.

Note: The system saves and restores authorities differently for objects in the QNTC file system. The system saves and restores all authorities, including private authorities, with the object.