Hi again,
first hint - don't run aixpert unhesitatingly in confidence that it will do the right things - aixpert certainly can do a good job, but be prepared that your system could not be the same as it was before, particularly with high-level security.
Further, I'd recommend using the WSM or systems director GUI for aixpert, if possible at all. I'm a real friend of the command line, but in case of aixpert ...
The GUI will show you which actions aixpert is going to take and give you the opportunity to make changes. There is no 'smitty' menu item for this. You would have to use the commandline to create an .xml file containing the projected changes, to then edit directly in XML. No real fun.
Get familiar with all changes aixpert is going to perform for the respective security levels, and think twice about possible implications.
Start from this place - http://publib.boulder.ibm.com/infocenter/pseries/v5r3/topic/com.ibm.aix.security/doc/security/aix_sec_expert.htm
and walk through the whole material (honestly!)
I'll be on vacation from Saturday on for ~ two weeks, so you'll have a lot of time to read ... :-)
wmp
