ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/qsyrupwd.htm

359 lines
10 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<title>Retrieve Encrypted User Password (QSYRUPWD) API</title>
<!-- Begin Header Records ========================================== -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Sec SCRIPT A converted by B2H R4.1 (346) (CMS) by V2KEA304 -->
<!-- at RCHVMW2 on 17 Feb 1999 at 11:05:09 -->
<!-- Change History: -->
<!-- YYMMDD USERID Change description -->
<!-- Edited by Kersten Jan 02 -->
<!--End Header Records -->
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body>
<a name="Top_Of_Page"></a>
<!-- Java sync-link -->
<script language="Javascript" src="../rzahg/synch.js" type="text/javascript">
</script>
<h2>Retrieve Encrypted User Password (QSYRUPWD) API</h2>
<div class="box" style="width: 80%;">
<br>
&nbsp;&nbsp;Required Parameter Group:<br>
<!-- iddvc RMBR -->
<br>
<table width="100%">
<tr>
<td align="center" valign="top" width="10%">1</td>
<td align="left" valign="top" width="50%">Receiver variable</td>
<td align="left" valign="top" width="20%">Output</td>
<td align="left" valign="top" width="20%">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top">2</td>
<td align="left" valign="top">Length of receiver variable</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Binary(4)</td>
</tr>
<tr>
<td align="center" valign="top">3</td>
<td align="left" valign="top">Format</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(8)</td>
</tr>
<tr>
<td align="center" valign="top">4</td>
<td align="left" valign="top">User profile name</td>
<td align="left" valign="top">Input</td>
<td align="left" valign="top">Char(10)</td>
</tr>
<tr>
<td align="center" valign="top">5</td>
<td align="left" valign="top">Error code</td>
<td align="left" valign="top">I/O</td>
<td align="left" valign="top">Char(*)</td>
</tr>
</table>
<br>
&nbsp;&nbsp;Default Public Authority: *EXCLUDE<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Threadsafe: No<br>
<!-- iddvc RMBR -->
<br>
</div>
<p>The Retrieve Encrypted User Password (QSYRUPWD) API returns to the caller
the encrypted password data for the specified user profile. This API works with
the Set Encrypted User Password (QSYSUPWD) API in that the APIs allow the user
to more easily mirror the user profile activity on a second system based on the
activity at the first system.</p>
<p>The data returned by the QSYRUPWD APIs should not be sent to a system that is
at a different
release or at a different password level. If data from this API
is applied to a down-level system or a system with a different password level,
unexpected changes to the user's password data could occur. For example, if the
encrypted password data is retrieved from a system operating at password level
3 and is set on a system operating at password level 0 (or a pre-V5R1 system),
the user profile's password is changed to *NONE. No checks are made to enforce
these recommendations.</p>
<p>If the local password management (LCLPWDMGT) value
for the specified user profile is *NO, then the local i5/OS password will be set to *NONE when the
QSYSUPWD API is called. Also, if the LCLPWDMGT value is *NO for the user profile on the system
where the QSYSUPWD API is called, then the local i5/OS password will be set to *NONE.
</p>
<p>Except for the
iSeries Support for Windows Network Neighborhood (iSeries NetServer) password,
the QSYRUPWD API does not retrieve product-level encrypted data that may be
associated with a user profile.</p>
<p><strong>Note:</strong> If an error occurs while attempting to retrieve the
iSeries NetServer password, the CPF22F0 error will be returned
and no encrypted password data is returned.</p>
<br>
<h3>Authorities and Locks</h3>
<dl>
<dt><em>User Profile Authority</em></dt>
<dd>*ALLOBJ and *SECADM</dd>
<dt><em>API Public Authority</em></dt>
<dd>*EXCLUDE</dd>
</dl>
<br>
<h3>Required Parameter Group</h3>
<dl>
<dt><strong>Receiver variable</strong></dt>
<dd>OUTPUT; CHAR(*)
<p>The variable used to return the information about the user. The necessary
size of this receiver variable can be obtained by calling the QSYRUPWD API with
the length of receiver variable set to 8 bytes. The bytes available value that
is returned in this receiver variable will indicate the necessary size of the
receiver variable. The receiver variable format is defined in <a href=
"#HDRUPWD100">UPWD0100 Format</a>.</p>
</dd>
<dt><strong>Length of receiver variable</strong></dt>
<dd>INPUT; BINARY(4)
<p>The length of the receiver variable. This value must be at least 8 bytes in
length. To obtain all information necessary to call the QSYSUPWD API, you must
use a receiver variable at least as long as the bytes available value that is
returned by this API.</p>
</dd>
<dt><strong>Format</strong></dt>
<dd>INPUT; CHAR(8)
<p>The name of the format that is used to return the user's encrypted
password.</p>
<p>The following value is allowed:</p>
<table cellpadding="5">
<!-- cols="30 70" -->
<tr>
<td align="left" valign="top"><em><a href="#HDRUPWD100">UPWD0100</a></em></td>
<td align="left" valign="top">Encrypted password is returned.</td>
</tr>
</table>
<br>
</dd>
<dt><strong>User profile name</strong></dt>
<dd>INPUT; CHAR(10)
<p>The name of the user for whom the encrypted password will be returned.</p>
</dd>
<dt><strong>Error code</strong></dt>
<dd>I/O; CHAR(*)
<p>The structure in which to return error information. For the format of the
structure, see <a href="../apiref/error.htm#hdrerrcod">Error Code Parameter</a>.</p>
</dd>
</dl>
<br>
<h3>Format of Receiver Variable</h3>
<p>The following tables describe the receiver variable that is returned by the
QSYRUPWD API. This receiver variable is used as input to the QSYSUPWD API
(first parameter). The receiver variable cannot be changed in any way prior to
passing the data to the QSYSUPWD API. If this data is changed, the QSYSUPWD API
will not be able to successfully change the password for the user.</p>
<p>For detailed descriptions of the fields in this table, see <a href=
"#HDRSUPWDFD">Field Descriptions</a>.</p>
<br>
<h4><a name="HDRUPWD100">UPWD0100 Format</a></h4>
<table border width="80%">
<tr>
<th align="center" valign="bottom" colspan="2">Offset</th>
<th align="left" valign="bottom" rowspan="2">Type</th>
<th align="left" valign="bottom" rowspan="2">Field</th>
</tr>
<tr>
<th align="center" valign="bottom">Dec</th>
<th align="center" valign="bottom">Hex</th>
</tr>
<tr>
<td align="center" valign="top" width="10%">0</td>
<td align="center" valign="top" width="10%">0</td>
<td align="left" valign="top" width="20%">BINARY(4)</td>
<td align="left" valign="top" width="60%">Bytes returned</td>
</tr>
<tr>
<td align="center" valign="top">4</td>
<td align="center" valign="top">4</td>
<td align="left" valign="top">BINARY(4)</td>
<td align="left" valign="top">Bytes available</td>
</tr>
<tr>
<td align="center" valign="top">8</td>
<td align="center" valign="top">8</td>
<td align="left" valign="top">CHAR(10)</td>
<td align="left" valign="top">User profile name</td>
</tr>
<tr>
<td align="center" valign="top">18</td>
<td align="center" valign="top">12</td>
<td align="left" valign="top">CHAR(*)</td>
<td align="left" valign="top">Encrypted user password data</td>
</tr>
</table>
<br>
<br>
<h3><a name="HDRSUPWDFD">Field Descriptions</a></h3>
<p><strong>Bytes available.</strong> The number of bytes of data available to
be returned to the user. Bytes available may increase from release to release
but will always be a minimum of 2000 bytes. This field should be used to set
the length of receiver variable input parameter. If the bytes available field
is greater than the bytes returned field, the receiver variable cannot
successfully be used as input to the QSYSUPWD API as not all encrypted password
data will be returned by this API.</p>
<p><strong>Bytes returned.</strong> The number of bytes of data returned to the
user in the receiver variable.</p>
<p><strong>Encrypted user password data.</strong> The encrypted password data
for the specified user profile.</p>
<p><strong>User profile name.</strong> The name of the user profile for which
information is being returned.</p>
<br>
<h3>Error Messages</h3>
<table width="100%" cellpadding="5">
<!-- cols="15 85" -->
<tr>
<th align="left" valign="top">Message ID</th>
<th align="left" valign="top">Error Message Text</th>
</tr>
<tr>
<td width="15%" valign="top">CPF2203 E</td>
<td width="85%" valign="top">User profile &amp;1 not correct.</td>
</tr>
<tr>
<td align="left" valign="top">CPF2225 E</td>
<td align="left" valign="top">Not able to allocate internal system object.</td>
</tr>
<tr>
<td align="left" valign="top">CPF222E E</td>
<td align="left" valign="top">&amp;1 special authority is required.</td>
</tr>
<tr>
<td align="left" valign="top">CPF22F0 E</td>
<td align="left" valign="top">Unexpected errors occurred during processing.</td>
</tr>
<tr>
<td align="left" valign="top">CPF3C19 E</td>
<td align="left" valign="top">Error occurred with receiver variable
specified.</td>
</tr>
<tr>
<td align="left" valign="top">CPF3C21 E</td>
<td align="left" valign="top">Format name &amp;1 is not valid.</td>
</tr>
<tr>
<td align="left" valign="top">CPF3C24 E</td>
<td align="left" valign="top">Length of receiver variable is not valid.</td>
</tr>
<tr>
<td align="left" valign="top">CPF3C90 E</td>
<td align="left" valign="top">Literal value cannot be changed.</td>
</tr>
<tr>
<td align="left" valign="top">CPF3CF1 E</td>
<td align="left" valign="top">Error code parameter not valid.</td>
</tr>
<tr>
<td align="left" valign="top">CPF9801 E</td>
<td align="left" valign="top">Object &amp;2 in library &amp;3 not found.</td>
</tr>
<tr>
<td align="left" valign="top">CPF9872 E</td>
<td align="left" valign="top">Program or service program &amp;1 in library
&amp;2 ended. Reason code &amp;3.</td>
</tr>
</table>
<br>
<hr>
API introduced: V3R7
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
"sec.htm">Security APIs</a> | <a href="aplist.htm">APIs by category</a></td>
</tr>
</table>
</center>
</body>
</html>