Check Encrypted User Password (QSYCUPWD) API


  Required Parameter Group:

1 Encrypted password return code Output Char(1)
2 Receiver variable from QSYRUPWD Input Char(*)
3 Format Input Char(8)
4 Error code I/O Char(*)

  Default Public Authority: *EXCLUDE

  Threadsafe: No

The Check Encrypted User Password (QSYCUPWD) API checks to see if the encrypted password data for the specified user profile on the system on which this API is run is the same as the encrypted password data for the user on the system where the Retrieve Encrypted User Password (QSYRUPWD) API was run.

The API does not check the iSeries Support for Windows Network Neighborhood (iSeries NetServer) encrypted password information. Only the encrypted passwords used to sign on from a sign-on display are checked.

The QSYCUPWD API follows this process:


Authorities and Locks

User Profile Authority
Caller of this API must have *ALLOBJ and *SECADM special authorities
API Public Authority
*EXCLUDE

Required Parameter Group

Encrypted password return code
OUTPUT; CHAR(1)

Whether the encrypted password for the user profile on the system on which this API is run matches the encrypted password for the same user profile that is specified in the receiver variable from QSYRUPWD parameter. This parameter contains one of the following:

0 The passwords match.
1 The user profile on the system on which this API is run is disabled.
2 The password for the user on the system on which this API is run is *NONE.
3 The password for the user profile on the system on which this API is run is expired.
4 The passwords could not be compared.
9 The passwords do not match.

Receiver variable from QSYRUPWD
INPUT; CHAR(*)

The variable that is used to check the encrypted password for the user. The receiver variable from the QSYRUPWD API must be used as input to this API. For this API to successfully check the encrypted password for the user, the bytes returned value must be equal to the bytes available value in the input data. The input data must be retrieved from the receiver variable used by the QSYRUPWD API and cannot be changed in any way.

Format
INPUT; CHAR(8)

The name of the format that is used to check the user's encrypted password data. The following value is allowed:

UPWD0100 Encrypted password will be checked.

Error code
I/O; CHAR(*)

The structure in which to return error information. For the format of the structure, see Error Code Parameter.


UPWD0100 Format

The following table describes the input variable that is to be passed as the second parameter to QSYCUPWD. This input variable must be the same data as the receiver variable that is returned by the QSYRUPWD API. The receiver variable, returned by the QSYRUPWD API, cannot be changed in any way prior to passing the data as input to the QSYCUPWD API. If this data is changed, the QSYCUPWD API will not be able to successfully check the password for the user. For detailed descriptions of the fields in the tables, see Field Descriptions.

Offset Type Field
Dec Hex
0 0 BINARY(4) Bytes returned
4 4 BINARY(4) Bytes available
8 8 CHAR(10) User profile name
18 12 CHAR(*) Encrypted user password data

Field Descriptions

Bytes available. The number of bytes of data available when retrieved by the QSYRUPWD API. For the QSYCUPWD API to successfully check the encrypted password for the user, this value must be equal to the bytes returned value. If the bytes available field is greater than the bytes returned field, this input cannot be used to successfully check the encrypted password for the user.

Bytes returned. The number of bytes of data.

Encrypted user password data. The encrypted password data for the user profile.

User profile name. The name of the user profile for which the password will be checked.


Error Messages

Message ID Error Message Text
CPF2203 E User profile &1 not correct.
CPF2225 E Not able to allocate internal system object.
CPF222E E &1 special authority is required.
CPF3C21 E Format name &1 is not valid.
CPF3CF1 E Error code parameter not valid.
CPF4AB2 E Receiver variable from QSYRUPWD has been altered.
CPF9801 E Object &2 in library &3 not found.
CPF9872 E Program or service program &1 in library &2 ended. Reason code &3.


API introduced: V5R2
Top | Security APIs | APIs by category