|
Yes, a very good idea and the "program" _can_ be simple. Create a CL program named perhaps ENBUSR containing this single command: chgusrprf ??usrprf() status(*enabled) Compile it with QSECOFR or, better, an appropriate security profile as the owner and with the USRPRF(*OWNER) attribute set. Now, create an authorization list: ==> crtautl SECPGMS text('Secured programs') Secure the compiled program with the *autl created above: ==> grtobjaut mylib/ENBUSR *PGM autl(SECPGMS) Now, add the users you want to the *autl: ==> addautle SECPGMS PowerUsr1 aut(*USE) When you want to remove the authority, run: ==> rmvautle SECPGMS PowerUsr1 It's a simple program that's extremely focused. You can control who has access easily. And you can also add additional programs or files or other objects to the *autl and secure them for the entire group of power users at the same time. The various commands above can be added to or modified to give additional control options but the generic technique works well. Tom Liotta midrange-l-request@xxxxxxxxxxxx wrote: > 5. Re: Allowing power users to re-enable users (Raul A Jager) > >You can write a CL program that receives one parameter, the user >profile, and calls CHGUSRPRF to change that user's password. You need >to set the adopted autority to *owner, and make the owner QSECOFR or >some other profile with enough authority. Then you can set the >permisions to the program as public *exclude, and list the people the >are allowede to use it. > >It may be a good idea to also generate a log. > >> >>>-----Original Message----- >>> >>>I have been getting a significant number of user re- >>>enables lately. Mostly >>>because two plus weeks after training when the people go >>>live they forget >>>their passwords. I would say 90% of the calls I have to >>>reset the password >>>and the user profile. We have a "help desk" (which is >>>power users of the >>>software) not IT people. So I want if possible, to let >>>them at least reset >>>the profile without them having *SECADM. >>> >>>Has any accomplished this? If so could I get some help? -- Tom Liotta The PowerTech Group, Inc. 19426 68th Avenue South Kent, WA 98032 Phone 253-872-7788 x313 Fax 253-872-7904 http://www.powertechgroup.com __________________________________________________________________ McAfee VirusScan Online from the Netscape Network. Comprehensive protection for your entire computer. Get your free trial today! http://channels.netscape.com/ns/computing/mcafee/index.jsp?promo=393397 Get AOL Instant Messenger 5.1 free of charge. Download Now! http://aim.aol.com/aimnew/Aim/register.adp?promo=380455
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.