Hello Buck,
You wrote:
>It is a reasonable expectation to be able to do a DSPUSRPRF and be able
>to see if a user is enabled or not.
Ah, but IBM don't want us to use commands for this stuff. We are expected
to switch our brains off and use point-and-click rubbish instead.
An API is provided at 510 and above to retrieve a list of profiles
disabled from NetServer. There is also an API to enable a profile. Our
ONcmd product wraps those APIs in a proper work-with list and commands
with security checking and messages. OpsNav 510 also lets the brain-dead
do this. Prior to 510 you are limited to checking for the CPIB682 message
and running CHGUSRPRF or CHGPWD.
>It is a reasonable expectation that if a user is disabled from NetServer,
>they are disabled from signing on too.
I would expect that also but that's not how it works. I suspect the
reasoning is due to Windows Networking being fairly crappy in support for
different profiles and passwords (especially W95/W98). IBM possibly felt
it unreasonable to disable an AS/400 profile due to Winslop deficiencies.
>The way NetServer access is enforced today makes it look like a quick
>hack instead of a planned enhancement.
That fits with so much of NetServer. The AS/400 implementation of SMB is
really below average. If they didn't give it away "free" with the system
they couldn't sell it.
Regards,
Simon Coulter.
--------------------------------------------------------------------
FlyByNight Software AS/400 Technical Specialists
http://www.flybynight.com.au/
Phone: +61 3 9419 0175 Mobile: +61 0411 091 400 /"\
Fax: +61 3 9419 0175 mailto: shc@flybynight.com.au \ /
X
ASCII Ribbon campaign against HTML E-Mail / \
--------------------------------------------------------------------
