You can certainly set the QLMTDEVSSN system value. Then if “certain” users really need it, the you can override at the profile level. I know our auditors look at this at the sysval and profile level.
We have a very limited number of users that have two profiles for production work since all users are allowed only one session

--
Bryan Dietz

On Jan 30, 2020, at 10:45 AM, Rob Berendt <rob@xxxxxxxxx> wrote:

I do NOT recommend setting QLMTDEVSSN. If any auditor starts out with QLMTDEVSSN I quickly show them to the door. There's a well known name whose presentation starts out with this. I quickly lose interest from there. Too many people need multiple sessions.

Set up correctly the system audit journal will show you access by userid by IP address. That's acceptable for "after the fact". With some creative farming you can find users accessing from multiple IP addresses. See DSPDEVD, etc
Access exit points can probably be set to lock the door. Normally involves the SPENDMONEY command.
You can even fine tune user id's to only be valid at certain times. This way they don't leave the first shift supervisor signed on and use the same session for all three shifts.

Playing with the new SQL services could be fun.

But in general I agree with Larry's reply.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com


-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Howie, Bill
Sent: Thursday, January 30, 2020 11:19 AM
To: midrange-l@xxxxxxxxxxxxxxxxxx
Subject: Users sharing passwords

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.


Hello all,

I've got a question for the group.....we are discovering instances of users on our system who are sharing passwords with each other instead of always using the ones created specifically for them. I'm thinking this is something that is most likely very common among the companies represented in the group and I was wondering how some of you have handled this situation. We'd like to somehow catch them in the act if that's possible. Has anyone endeavored to do this? All responses are most appreciated. Thanks!

Bill Howie | Senior ERP Programmer/Analyst Consultant
The HC Companies | 2450 Edison Blvd, Suite 3, Twinsburg OH 44087
Direct: 330.487.3739 | Cell: 330.495.5627 | Toll Free: 800.225.7712

The HC Companies, Inc.<http://www.hc-companies.com/> - North America's Leading Provider of Containers for Horticulture
Dillen | ITML | ProCal | Kord | Amerikan | Planters' Pride
From Grower to Gardener, Improving Our World
[Related image]<https://www.linkedin.com/company/the-hc-companies> [Related image] <https://www.facebook.com/HCCompanies/>

Disclaimer

The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful.

This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more visit the Mimecast website.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.