× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. April 2009

RE: Users with PASSWORD *NONE

I also do the pretty much the same thing but run it on a daily basis. It's nice to have a OUTFILE of USRPRF that you know isn't more than 24 hours old. I have the report emailed to me everyday.

Bryan Burns
iSeries Specialist
ECHO, Incorporated
Lake Zurich, Illinois

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx]On Behalf Of Roger Harman
Sent: Wednesday, April 01, 2009 6:07 PM
To: midrange-l@xxxxxxxxxxxx
Subject: Re: Users with PASSWORD *NONE

FWIW..... I run the following on a weekly basis and then various queries
over it. Helps with our SOX auditing. Check for newly created profiles
in last ## days, unused in ## days, overdue for password change, etc.
You can easily join them with SQL but long ago I created a joined
logical over both. Also lets us match terminations from HR to people
with profiles that need to be disabled.

DSPOBJD OBJ(QSYS/*ALL) OBJTYPE(*USRPRF) OUTPUT(*OUTFILE)
OUTFILE(somelib/USRPRFOBJD)
DSPUSRPRF USRPRF(*ALL) OUTPUT(*OUTFILE) OUTFILE(somelib/USRPRF)


CRPbottle@xxxxxxxxx 04/01/2009 1:40:46 PM >>>
Burns, Bryan wrote:
Is there way to tell whether a user profile has a PASSWORD of
*NONE, and therefore cannot sign-on even though it's enabled
and not expired, besides a PRTUSRPRF? The WRKUSRPF options
don't show it.

DSPAUTUSR shows that, but does not have an output file, so that
command may not be preferable if a programmed response to such an
inquiry is desired. However IIRC the model outfile [output file] for
DSPUSRPRF for *BASIC detail for the type of information [TYPE()
parameter] named QADSPUPB in QSYS [or QSYS29##] with a format name
QSYDSUPB has a field [e.g. something like UPNOPWD] which includes an
indication if the password setting is *NONE. Perform a request to
DSPFFD QSYS/QADSPUPB and then review the text and column headings for
the listed fields, looking for the text '*NONE' alluding to such an
indicator [possibly as a value of '1' to suggest 'true'].

The Retrieve Authorized Users (QSYRAUTU) API and Open List of
Authorized Users (QGYOLAUS) API purport to provide information similar

to that of DSPAUTUSR.

Regards, Chuck
--


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.