• Subject: Re: Allowing Help Desk Personal to Rest User Profiles/Passwords
  • From: Chuck Lewis <clewis@xxxxxxxxxx>
  • Date: Wed, 17 Dec 1997 14:57:02 -0800

Thank you EVERYONE for your responses ! I was NEARLY there. I had tried
the "submit" deal and it worked OK, but the interactive attempt keep
yielding the *SECADM message.

Here is what I found; I HAD been compiling it as *OWNER but had SPACED
the CHGOBJOWN part (duh...). If the program ALREADY exists and you
compile with the Replace Program *YES (which who WOULDN'T...) the USRPRF
parameter is IGNORED !! So either delete the program first or issue the
CHGPGM command to correct this.

Some further info on what we have done here. I have created a command
and CL that we use to create a user profile, that way INLPGM,
PWDEXP(*YES) and ALL of that other important stuff is CONSISTANT. This
command also allows for Mother's Maiden Name and the user department (we
have this information from a Computer Access Request form that they are
required to read, fill out and sign. If they don't give mother's maiden
name, we use Profile name although we consider this a no-no whenever
possible...).  This information is also written to a file. My
command/program for the Help Desk people hits this file and either uses
the Mother's Maiden Name if present or the Profile name, and resets the
password, "re-enables" the profile and changes it to expired. We "argue"
for the Mother's Maiden Name because THAT way, if someone calls up, we
don't necessarily have to know for sure who it is (although we normally
do, since a device has to be reset and there is a message on msgq
QSYSMSG...); we just tell them that they have been reset and to use
their mother's maiden name

I DO like the idea of fixing this so QSECOFR cannot be reset this way.
Matter of fact this could be added to the CL AND RPG to skip it (ditto
for other I.S. and IBM profiles !!!)

Thanks again !!


> --
> Chuck
>
>     _/_/_/_/   _/    _/   _/    _/   _/_/_/_/   _/    _/
>    _/         _/    _/   _/    _/   _/         _/   _/
>   _/         _/_/_/_/   _/    _/   _/         _/_/_/   Chuck Lewis
>  _/         _/    _/   _/    _/   _/         _/   _/ CLEWIS@IQUEST.NET
>
> _/_/_/_/   _/    _/   _/_/_/_/   _/_/_/_/   _/     _/ Indianapolis, IN
>
> "The opinions that are shown, are exclusively my own. All my own, all
> my
>
> own..." and NOT my employer's (with apologies to Emerson, Lake and
> Palmer)...
>
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to
> "MIDRANGE-L@midrange.com".
> | To unsubscribe from this list send email to
> MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator:
> david@midrange.com
> +---



--
Chuck


    _/_/_/_/   _/    _/   _/    _/   _/_/_/_/   _/    _/
   _/         _/    _/   _/    _/   _/         _/   _/
  _/         _/_/_/_/   _/    _/   _/         _/_/_/   Chuck Lewis
 _/         _/    _/   _/    _/   _/         _/   _/ CLEWIS@IQUEST.NET
_/_/_/_/   _/    _/   _/_/_/_/   _/_/_/_/   _/     _/ Indianapolis, IN

Home page at: http://www.bizcom.com/chucklewis

"The opinions that are shown, are exclusively my own. All my own, all my

own..." and NOT my employer's (with apologies to Emerson, Lake and
Palmer)...


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to "MIDRANGE-L@midrange.com".
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact [javascript protected email address].