|
Hi, Normally, the telnet device initialization program runs "when the device is initialized", which is before it displays the sign-on screen. Therefore, the user desription info will be blank. The exception to that is when the user uses a "bypass sign-on screen" or "auto-signon" function found in some emulators. When that's used, the emulator sends the username, password, program, library, etc to the system during the option negotiation phase. In that case, the data is sent during the option negotiation phase, and no sign-on screen is displayed. You don't see "User Name" because it's called "User Profile" (they mean the same thing) Incidentally, ISOTELIR4 is something that I wrote (despite that no credit appears to have been given) and there are some security implications when using it. 1) The peAutoSignOn parameter is currently left at off, as long as this is not changed, everything is safe -- but nobody will be able to use auto-signon. If you changed the code to simply set it to *ON, then everyone can auto-signon WITHOUT NEEDING A VALID PASSWORD. The correct way to handle this parameter is to check the "dsCnnPWvalid" variable from the connection description info. Only set the peAutoSignOn to *ON if the password is valid. For example, you might do this: 0176.00 C* KLEMSCOT can can bypass the sign-on screen 0177.00 C* if he provides a valid password 0178.00 c select 0179.00 c when dsUserProfile='KLEMSCOT' 0180.00 c if dsCnnPWvalid = '1' 0181.00 c or dsCnnPWvalid='2' 0182.00 c eval peAutoSignOn = *On 0183.00 c endif 0184.00 0185.00 C* User-IDs beginning with a 'Q' can never bypass 0186.00 C* the sign-on screen: 0187.00 c when %subst(dsUserProfile:1:1)='Q' 0188.00 c eval peAutoSignOn = *Off 0189.00 0190.00 c* Other users can bypass sign-on, but only if they 0191.00 C* pass an encrypted password: 0192.00 c other 0193.00 c if dsCnnPWvalid='2' 0194.00 c eval peAutoSignOn = *On 0195.00 c endif 0196.00 c endsl 2) Because of #1, anyone who has access to change/recompile this program can give himself the ability to log on as any user without a password. He could, for example, log on as QSECOFR and give himself *ALLOBJ authority. Make sure you understand these implications before using ISOTELIR4 (or any other telnet device initializtion exit program) so that you don't open your system up to trouble. On Thu, 23 May 2002 leszek.gruszczynski@big.pl wrote: > Hello > > I have a problem with telnet device initialization program. > I write own program and in User Description Information I don't see > anything. In other parameters like Device Description or Connection > description I have a proper information. > > I try use example from www.as400pro.com/isotelir4.htm and I also don't > see USER NAME in User description information. > > What I can do with this? > Please help me > > Best regards > > Leszek Gruszczynski
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.