|
midrange.com
I never said it was ludicrous to require a valid profile and password - I
said it was ludicrous to pop up a window and have the users key that in.
In the Domino issue it was not ftp, but more closely resembling ODBC.
Rob Berendt
==================
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
Benjamin Franklin
"Gary Monnier"
<garymon@powertechg To: <midrange-l@midrange.com>
roup.com> cc:
Sent by: Fax to:
midrange-l-admin@mi Subject: RE: QUSER on ODBC
requests
drange.com
12/14/2001 02:03 PM
Please respond to
midrange-l
Why do you fine it so "Ludicrous!" to require valid profile and password be
required when accessing your machine? Your example sounds to me like you
are performing a variation on Anonymous FTP. Since you feel your Domino
application is a trusted client you can use the FTP Sign On Server exit
point to allow access. With an exit program you can then block untrusted
clients from accessing your machine without supplying valid user profile
and
password.
-----Original Message-----
From: midrange-l-admin@midrange.com
[mailto:midrange-l-admin@midrange.com]On Behalf Of rob@dekko.com
Sent: Friday, December 14, 2001 10:51 AM
To: midrange-l@midrange.com
Subject: RE: QUSER on ODBC requests
Everyone may rant on how hard coding user id's and passwords are a bad idea
but there are some applications where this is a necessity. Well, I suppose
you could put them in a dataarea or some such animal but you get the same
results.
For example, you want to do some batch ftp between one system and another.
Remember I said batch. And you get this EDI process that runs unattended.
I have no urge to hire someone to key in a userid and password. If I did,
I'd make the poor bugger click on icons or some other worthless application
to look busy.
Again, I have a Domino application which gets data from the 400. The
people running this application sometimes don't even have iSeries
passwords. Are you saying that instead of just clicking on a button to
retrieve the data, that now I should also pop up a box that prompts them
for an iSeries user id and password? Ludicrous!
Rob Berendt
==================
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
Benjamin Franklin
"Gary Monnier"
<garymon@powertechg To:
<midrange-l@midrange.com>
roup.com> cc:
Sent by: Fax to:
midrange-l-admin@mi Subject: RE: QUSER on
ODBC
requests
drange.com
12/14/2001 01:38 PM
Please respond to
midrange-l
At least the hard coded user profile isn't set to expire. Hard coding user
profiles and passwords is a REALLY BAD IDEA. Just think of all the special
coding that could be done by hard coding user id and password.
-----Original Message-----
From: midrange-l-admin@midrange.com
[mailto:midrange-l-admin@midrange.com]On Behalf Of alan shore
Sent: Friday, December 14, 2001 10:17 AM
To: midrange-l@midrange.com
Subject: RE: QUSER on ODBC requests
Something else I have just realized. If there are any applications with
hard-coded user profiles and passwords, that means the system is set up NOT
to expire passwords after a number of days. Yet another bad idea. Passwords
SHOULD be set to expire after a number of days (we use 30) and to force the
profile into an inactive state once 3 concurrent invalid attemps are made.
>>> "Gary Monnier" <garymon@powertechgroup.com> 12/14/01 12:36PM >>>
GOOD IDEA! My experience has been that administrators, not to mention
managers, want to know if applications have hardcoded passwords.
--
Gary Monnier garymon@powertechgroup.com
The PowerTech Group www.powertechgroup.com
19426 68th Avenue South
Kent, WA 98032
Phone 253.872.7788
Fax 253.872.7904
-----Original Message-----
From: midrange-l-admin@midrange.com
[mailto:midrange-l-admin@midrange.com]On Behalf Of Kurt Goolsbee
Sent: Friday, December 14, 2001 8:47 AM
To: midrange-l@midrange.com
Subject: RE: QUSER on ODBC requests
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
--
[ Picked text/plain from multipart/alternative ]
BAD IDEA. If you change the password for QUSER and there are applications
with user and password hardcoded then they will stop working. Clearly you
don't know if this is the case so how are you going to set the password
back?
> -----Original Message-----
> From: bdietz@3x.com [SMTP:bdietz@3x.com]
> Sent: Friday, December 14, 2001 6:16 AM
> To: midrange-l@midrange.com
> Subject: Re: QUSER on ODBC requests
>
>
> John one way to check and see if it is really QUSER, Change the password
> for QUSER. If QUSER is hardcoded into a DSN or some such thing this
would
> surley break it. You should then be able to narrow down what is
> happening.
>
>
> -------------------------
> Bryan Dietz
> 3X Corporation
>
>
>
>
>
>
> "John Earl"
> <johnearl@powertec To:
> <midrange-l@midrange.com>
> hgroup.com> cc:
> Sent by: Subject: Re: QUSER on
> ODBC requests
> midrange-l-admin@m
> idrange.com
>
>
> 12/13/2001 04:01
> PM
> Please respond to
> midrange-l
>
>
>
>
>
>
> Walden,
>
> Yeah, we checked this out. All of our reports use the "Current
> User" rather than the "Job User" to report on. This customer is
> having QUSER show up as the "Current User". :(
>
> jte
>
> --
> John Earl
> johnearl@powertechgroup.com
> The Powertech Group www.powertechgroup.com
> Kent, Washington, USA +1 253-872-7788
>
>
> ----- Original Message -----
> From: Walden H. Leverich <WaldenL@TechSoftInc.com>
> To: <midrange-l@midrange.com>
> Sent: Thursday, December 13, 2001 11:50 AM
> Subject: RE: QUSER on ODBC requests
>
>
> > John,
> >
> > Just curious, are you sure they mean "authority of" and not
> that their audit
> > stamps say "QUSER"??? All the "classic" methods of retrieving
> the user id
> > (RTVJOB, RPG PSDS, etc.) will show QUSER not the profile from
> the swap.
> >
> >
> > ------------
> > Walden H Leverich III
> > President
> > Tech Software
> > (516)627-3800 x11
> > WaldenL@TechSoftInc.com
> > http://www.TechSoftInc.com
> >
> >
> >
> > -----Original Message-----
> > From: John Earl [mailto:johnearl@powertechgroup.com]
> > Sent: Thursday, December 13, 2001 14:38
> > To: MIDRANGE-L@midrange.com
> > Subject: QUSER on ODBC requests
> >
> >
> > This is a multi-part message in MIME format.
> > --
> > [ Picked text/plain from multipart/alternative ]
> > We have a customer who is having a problem when they issue
> Client Access
> > ODBC requests. It seems all of the transactions run under the
> authority of
> > user profile QUSER.
> >
> > This is odd because even though the QZDASOINIT jobs start as
> QUSER, every
> > time one of these prestart jobs receives an *SQLSRV request the
> job is
> > supposed to swap the job's "Current User" to the user id that
> logged on to
> > CAE. In every other implementation of CAE that I have ever
> seen, when a
> > QZDASOINIT job gets an incoming ODBC request, it will swap the
> current user
> > and proceed with the request. This site seems to leave the
> current user at
> > "QUSER".
> >
> > I'm guessing it is a configuration problem. Does anyone know
> of an OS/400,
> > ODBC or CAE configuration option that might cause all ODBC
> request to run
> > under QUSER? It must have got preset somewhere????
> >
> > The customer is using the Client Access Express, OS/400 V4R5
> and Windows XP.
> >
> > Any thoughts?
> >
> > jte
> >
> >
> > --
> > John Earl
> johnearl@powertechgroup.com
> > The Powertech Group www.powertechgroup.com
> > Kent, Washington, USA +1 253-872-7788
> >
> >
> > --
> >
>
>
>
>
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> To post a message email: MIDRANGE-L@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> or email: MIDRANGE-L-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
