Re: Who changed user profile?

Typically anybody (allowed to use the command CHGPRF) can change their OWN 
profile.

The *USRPRF-object has the date and time for the change (DSPOBJD). No entry in 
the log
is granted.

You can set up a security auditing. The QAUDLVL system value must include 
*SECADM.

Anybody with *SECADM special authority (specific or via a program with adopted
authority) can change any userprofile. The security auditing will log this too.

You might want to restrict the access to CHGPRF. Normally a normal user does 
not have
the need for this, only for CHGPWD.

Henrik
http://hkrebs.dk

------------------------------

Date: Thu, 09 Nov 2000 15:34:52 -0800
From: Jim Langston <jimlangston@conexfreight.com>
Subject: Who changed user profile?

We merged with another company back in January who also has
AS/400 systems.  I'm given security officer authority for
maintaining the users from my facilities.  These user profiles
were set up and work they way they are.

Every once in a while some user profiles will get screwed up.
Their default printer or output queue will be changed, or their
initial menu will be changed from their custom menu to MAIN,
stuff like that.

Nobody knows who or what is doing this, or is just not admitting
to it.

I tried looking in the history log, but that thing is so huge
it's like trying to find a needle in a haystack.  So...

Where do I look to find out who or what is changing the parameters
on user profiles?

Regards,

Jim Langston

------------------------------

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---