FWIW..... I run the following on a weekly basis and then various queries
over it. Helps with our SOX auditing. Check for newly created profiles
in last ## days, unused in ## days, overdue for password change, etc.
You can easily join them with SQL but long ago I created a joined
logical over both. Also lets us match terminations from HR to people
with profiles that need to be disabled.
DSPOBJD OBJ(QSYS/*ALL) OBJTYPE(*USRPRF) OUTPUT(*OUTFILE)
OUTFILE(somelib/USRPRFOBJD)
DSPUSRPRF USRPRF(*ALL) OUTPUT(*OUTFILE) OUTFILE(somelib/USRPRF)
CRPbottle@xxxxxxxxx 04/01/2009 1:40:46 PM >>>
Burns, Bryan wrote:
Is there way to tell whether a user profile has a PASSWORD of
*NONE, and therefore cannot sign-on even though it's enabled
and not expired, besides a PRTUSRPRF? The WRKUSRPF options
don't show it.
DSPAUTUSR shows that, but does not have an output file, so that
command may not be preferable if a programmed response to such an
inquiry is desired. However IIRC the model outfile [output file] for
DSPUSRPRF for *BASIC detail for the type of information [TYPE()
parameter] named QADSPUPB in QSYS [or QSYS29##] with a format name
QSYDSUPB has a field [e.g. something like UPNOPWD] which includes an
indication if the password setting is *NONE. Perform a request to
DSPFFD QSYS/QADSPUPB and then review the text and column headings for
the listed fields, looking for the text '*NONE' alluding to such an
indicator [possibly as a value of '1' to suggest 'true'].
The Retrieve Authorized Users (QSYRAUTU) API and Open List of
Authorized Users (QGYOLAUS) API purport to provide information similar
to that of DSPAUTUSR.
Regards, Chuck
midrange.com
