When we want to give a particular user a customized levelrnof access to an object, we can assign private authorities. For example, if I want Betty in accounting to be able to access the Payroll master, I can assign her a private authority of ~*USE to the file object by using a command such as Edit Object Authority (EDTOBJAUT). But more often, we endeavor to assign these private authorities to group profiles rather than to individual user profiles, because people come and go in our companies. When we assign private authorities to users rather than to groups, we must maintain those private authorities over time, which is not a good thing.
展开▼
