RE: How can I easily enable/disable remote access by User

["John Allen" <jallen@xxxxxxxxxxx>]

Sorry for not giving enough details.

The remote users access the System i using Client Access
(loaded on their laptops) via a VPN

John

-----Original Message-----
From: Jim Franz [mailto:franz400@xxxxxxxxxxxx] 
Sent: Saturday, November 08, 2008 4:28 PM
To: Midrange Systems Technical Discussion
Subject: Re: How can I easily enable/disable remote access
by User

It would help us offer a solution for determining whether
local/remote if 
you told us how people access remotely.
Check out the command CHGACTSCDE (change activation schedule
entry) which 
you could use to schedule normal onsite office hours , and
user would be 
disabled during off hours. It is a cmd you could use from a
subfile pgm 
(with proper auth). It is part of the Security Tools loaded
on all systems 
(GO SECTOOLS).
Jim Franz

----- Original Message ----- 
From: "John Allen" <jallen@xxxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Sent: Saturday, November 08, 2008 2:13 PM
Subject: RE: How can I easily enable/disable remote access
by User


> Thanks for the quick reply,
>
> They want this to be real easy thing to do
(disable/enable)
> because it will be done quite often, don't want to
> continually have to go into Active Directory to make the
> changes if there is an easier way.
>
> We do not want to disable User profile because they are
> still allowed to use System i while in the office, just
want
> to stop the remote access.
>
> My initial thought was some type of Subfile program that
> displays all of the User Profiles and set a flag Allow
> Remote Access Y/N.
>
> But once I have the User Profile and the flag value I
guess
> I could write a program to run as there initial program
and
> if they are attempting remote access end the job.
>
> Not sure how I can tell if they are coming in remotely
> versus locally (in the office)
>
> I was also hoping I did not have to write a program if
> someone else already has, or if there is an inexpensive
> solution available.
>
> Thanks
> For your suggestion about Active Directory, I will have to
> see if that is possible solution
>
> John
>
>
>
>
> -----Original Message-----
> From: David Wright [mailto:opendave@xxxxxxxxx]
> Sent: Saturday, November 08, 2008 12:48 PM
> To: Midrange Systems Technical Discussion
> Subject: Re: How can I easily enable/disable remote access
> by User
>
> What sort of VPN hardware are you using?
>
> Some grant/deny VPN access through Active Directory and
some
> through
> internal user lists.
>
> But if access to the i is the only thing you need to
> restrict, couldn't you
> just enable/disable user profiles on the i?
>
> On Sat, Nov 8, 2008 at 9:03 AM, John Allen
> <jallen@xxxxxxxxxxx> wrote:
>
> > We have some employees that access our System i remotely
> > (through a VPN)
> -- 
> This is the Midrange Systems Technical Discussion
> (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the
archives
> at http://archive.midrange.com/midrange-l.
>
> -- 
> This is the Midrange Systems Technical Discussion
(MIDRANGE-L) mailing 
> list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the
archives
> at http://archive.midrange.com/midrange-l.