|
Paul, >Any chance you can let us know what objects are involved and what security >is needed to block access to them? Sure -- it's no secret and readily available in the manuals. There is an API documented in the Security APIs manual called QSYRUPWD which will Retrieve Encrypted User Passwords. It is intended for use with QSYSUPWD to set encrypted passwords to facilitate mirroring user profile activity on multiple systems. These APIs have been discussed in this forum before because they are what are used to propagate password changes between AS/400's. Both APIs are shipped with *PUBLIC *EXCLUDE and are owned by QSYS, so I wouldn't lose any sleep over it. Access to the APIs is already blocked by default. My assumption was that Don probably was QSECOFR on a system, so he could run the API and dump the results. In case it is not painfully obvious, the post was intended for Don's private email, but got misdirected back to Midrange-L. :( And I think that is all I care to say about this subject now... Doug +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
