Bill -
I can only assume that you will eventually have other users that need the same ability, so I'll present a somewhat generic solution. Please note that JDE is the name of the iSeries profile that should own and has all authority to the JDE libraries.
Here is one proposed solution for read-only access:
1) Create an iSeries user named <font color="red">READONLY</font> (for example).
2) With the CRTUSRPRF or CHGUSRPRF command, specify the user profile <font color="red">READONLY</font> as the primary group profile (GRPPRF) or one of the supplemental group profiles (SUPGRPPRF) for your "read only" user that needs read-only access to the JDE files.
The rest of this solution depends on how you currently secure your JDE libraries. Some shops use Authorization Lists to define security, others use group profiles and/or private authorities.
(Out of the box, as far as I know Oracle/Peoplesoft uses the latter method.)
2) a) If you use Authorization lists to secure your libraries (I recommend this technique since it is easier to manage), then put <font color="red">READONLY</font> in the authorization list used to secure the library objects, giving it *USE authority. Assuming that you have an authorization list named JDELIBS that is used to secure your JDE libraries,
ADDAUTLE AUTL(JDELIBS) USER( <font color="red">READONLY</font>) AUT(*USE)
Otherwise, for each library that you want to restrict to read only authority for this user:
GRTOBJAUT OBJ(QSYS/YOURJDELIB) OBJTYPE(*LIB) USER( <font color="red">READONLY</font>) AUT(*USE)
Even if this user is a member of the JDE group profile, this should prevent him from updating any files in any of the libraries secured in this fashion.
To test this:
1) Use CRTDUPOBJ to duplicate one of the JDE libraries and create a new library named JDEROTEST.
2) Use CRTDUPOBJ to duplicate several of the JDE physical files (including data) into the JDEROTEST library.
3) Secure JDEROTEST as specified above.
4) Turn your user loose and let him attempt to update or delete the data in the files in JDEROTEST.
Regards,