<Standard intro>

As information, I have been away from SAP and basis for about four years. Due to personnel changes, I'm now returning to it. During the interim, we upgraded from version 4.0B to "SAP R/3 ENTERPRISE 47X110" (according to the system information on SMP). We have some out-dated kernel issues and I am trying to work through them as best and as quickly as I can.

</Standard intro>

This is a 9406-520 at V5R3M5. Our kernel is 620, 1598 (I know it's old).

I'm trying to run an automated full system save of our SAP development LPAR.

I compiled the CL program using QSECOFR and *OWNER.

In the Advanced Job Scheduler, I scheduled the job with user profile BACKUP. BACKUP user profile is set up exactly the same as QSECOFR except that it has primary group DEVGROUP and secondary groups R3OWNER and R3GROUP and is set to *DISABLED so no one can sign in with it.

The CL runs fine until it gets to the STOPSAP command. At that point it fails with error CPFA09C. Here are the details:

<quote>

Message . . . . : Not authorized to object. Object is

/QFileSvr.400/LPARSAP1.

Cause . . . . . : You do not have the correct authority for object

/QFileSvr.400/LPARSAP1 or for one of the directories in the object path.

Recovery . . . : Contact your security officer, the object owner, or

other authorized person to obtain the correct authority to use object

/QFileSvr.400/LPARSAP1 or the directories in the object path, and try your

request again. If the object name is *N, it could not be determined which of

the objects authority was not sufficient. The iSeries Security Reference,

SC41-5302, contains authority information for the operation.

</quote>

/QFileSvr.400/LPARSAP1 is the standard shadow directory to our PRD machine, LPARSAP1, and there is no way to add authority to the object even if I wanted to! Moreover, the user has *ALLOBJ authority!

What gives? How do I solve this issue? Do I even need to worry about stopping SAP anymore? Is the STOPSAP command no longer used?

Thanks in advance for your assistance.

Robert