96 lines
5.9 KiB
HTML
96 lines
5.9 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="task" />
|
||
|
<meta name="DC.Title" content="Verify passwords when changing password levels" />
|
||
|
<meta name="abstract" content="Prior to changing your Password Level (QPWDLVL) value, you should verify your user profiles contain passwords for the level you are going to. There are two character-based methods for analyzing the profiles on your system." />
|
||
|
<meta name="description" content="Prior to changing your Password Level (QPWDLVL) value, you should verify your user profiles contain passwords for the level you are going to. There are two character-based methods for analyzing the profiles on your system." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzakzpasswordoverview.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rzakzverifypwdlvl" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Verify passwords when changing password levels</title>
|
||
|
</head>
|
||
|
<body id="rzakzverifypwdlvl"><a name="rzakzverifypwdlvl"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Verify passwords when changing password levels</h1>
|
||
|
<div><p>Prior to changing your <span class="uicontrol">Password Level</span> (QPWDLVL)
|
||
|
value, you should verify your user profiles contain passwords for the level
|
||
|
you are going to. There are two character-based methods for analyzing the
|
||
|
profiles on your system.</p>
|
||
|
<div class="section"><ul><li>The first method is to use the PRTUSRPRF (Print User Profile) command.
|
||
|
When this command is used with the *PWDLVL value for the TYPE parameter, a
|
||
|
report is built that contains a list of all the profiles on the system and
|
||
|
indicates if the profile has a password for QPWDLVL 0, 1, 2, or 3. Complete
|
||
|
the following steps to analyze your system: <ol><li>Type PRTUSRPRF TYPE(*PWDLVL).</li>
|
||
|
<li>Type WRKSPLF (Work with spooled file).</li>
|
||
|
<li>Type 5 (Display) next to the filename of the report. The filename will
|
||
|
always be QPSECUSR.</li>
|
||
|
<li>View the report to determine which profiles have passwords for the <span class="uicontrol">Password
|
||
|
level</span> you want to change to.</li>
|
||
|
</ol>
|
||
|
</li>
|
||
|
<li>The second method is to use the output from the DSPUSRPRF (Display User
|
||
|
Profile) command. The DSPUSRPRF command can be used to direct user profile
|
||
|
information for every profile on the system to an outfile. The populated outfile
|
||
|
can be used in an application or in an interactive SQL SELECT statement to
|
||
|
determine which profiles have passwords for the QPWDLVL you want to change
|
||
|
to. Complete the following steps to analyze your system: <ol><li>When you want to get the information for all the profiles on the system,
|
||
|
you must direct the output from the DSPUSRPRF command to an outfile. When
|
||
|
the value for the TYPE parameter is *BASIC, the outfile must be the same format
|
||
|
as the IBM<sup>®</sup> model
|
||
|
outfile QSYS/QADSPUPB. There are two fields in the target outifile that contain
|
||
|
the desired information. The field names are UPENPW (Y indicates the user
|
||
|
has a password for QPWDLVL 0 and 1) and UPENPH (Y indicates the user has a
|
||
|
password for password level 2 and 3). <p>If the outfile specified on the DSPUSRPRF
|
||
|
command does not exist when the command is issued, the command will create
|
||
|
the file. If the file exists when the DSPUSRPRF command is issued, it must
|
||
|
be the same format as QSYS/QADSPUPB the model outfile. It is a good idea to
|
||
|
create the target outfile before you issue the DSPUSRPRF command. The following
|
||
|
step is recommended, but not always required:</p>
|
||
|
<p>CRTDUPOBJ OBJ(QADSPUPB)
|
||
|
FROMLIB(QSYS) OBJTYPE(*FILE) TOLIB(1111) NEWOBJ(nnnn) Where 1111 is the name
|
||
|
of an existing library where you want the target outfile to go and nnnn is
|
||
|
the name of the target outfile.</p>
|
||
|
</li>
|
||
|
<li>If you have a large number of profiles of your system, the outfile might
|
||
|
not hold all of the data. To ensure the outfile can handle all the data, issue
|
||
|
the following CHGPF (Change Physical File) command against the file you just
|
||
|
created: <p>CHGPF FILE(1111/nnnn) SIZE(*NOMAX)</p>
|
||
|
</li>
|
||
|
<li>Use the DSPUSRPRF command to collect the data for all the profiles on
|
||
|
your system: <p>DSPUSRPRF USRPRF(*ALL) TYPE(*BASIC) OUTPUT(*OUTFILE) OUTFILE(1111/nnnn)</p>
|
||
|
</li>
|
||
|
<li>If you want to use an interactive SQL SELECT statement to examine which
|
||
|
the profiles for valid passwords, use the following commands: <ol type="a"><li>Type STRSQL.</li>
|
||
|
<li>Type SELECT UPUPRF, UPENPW, UPENPH FROM 1111/nnnn.</li>
|
||
|
</ol>
|
||
|
<p>OR</p>
|
||
|
<p>You can write an application that extracts the UPENPW and
|
||
|
UPENPH field data from your target outfile.</p>
|
||
|
</li>
|
||
|
</ol>
|
||
|
</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div><div class="relconcepts"><strong>Related concepts</strong><br />
|
||
|
<div><a href="rzakzpasswordoverview.htm" title="Use i5/OS password system values to control the password values and password restrictions.">System values: Password overview</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|