|
midrange-l-request@xxxxxxxxxxxx wrote: > 3. RE: User profile question (Ron-Zimmerman) > >For Rob's sign-on scenario, why not modify the sign-on screen to hide or >protect the menu and program fields? That is not a hard change, and it >takes this security risk away. > >Everywhere I have worked, the sign-on screen has been modified so that the >user is only allowed to enter their ID and password. It's less confusing >for the users and gives better control over the sign-on so they don't get >into something where they don't belong. Ron: It can certainly be valuable to customize the signon panel. However, this should be considered to be a security mechanism (other than displaying notices or simplifying for users, etc.) Consider a possibility such as: ==> telnet myas400 rmtuser(RONZ) rmtpwd(RonZPwd) rmtinlpgm(QCMD) This can be run on a command-line on MYAS400 to telnet back into MYAS400 for a test. When bypassing the signon panel (which can be a far better security mechanism since passwords can be encrypted rather than sending in clear-text), the signon panel is irrelevant. This form of telnet (client) has been available under OS/400 since V5R1. It is supported by clients such as iSeries Access emulation when 'bypass-signon' is used. Other emulation clients also allow it, though I don't have a useful list handy. (Server settings such as QRMTSIGN, exit programs, etc., can modify this behavior.) Tom Liotta
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
