Required User Privileges

To perform a successful compliance scan against an iSeries system, authenticated users must have privileges as defined below:

  • A user with (*ALLOBJ) or audit (*AUDIT) authority can audit all system values. Such a user typically belongs to class (*SECOFR).
  • Users of class (*USER) or (*SYSOPR) can audit most values, except QAUDCTL, QAUDENDACN, QAUDFRCLVL, QAUDLVL, QAUDLVL2, and QCRTOBJAUD.

If a user does not have privileges to access a value, then the value returned will be *NOTAVL.