changing a group profile to a user profile?

pts.
Tags:
AS/400
One of my predecessors thought it was a great idea to add users to the QSYSOPR profile, which changed it from a regular user profile to a group profile. I have since moved these users to other groups, but QSYSOPR still thinks it's a group even though there are no members. Short of deleting this profile and recreating it, is there any way to reverse this process and "demote" this user profile? We actually use QSYSOPR for several tasks, but my Audit department has pointed out that we have a group profile with a password and they want us to either change it to password = *NONE or make it not be a group anymore. Thanks.

Answer Wiki

Thanks. We'll let you know when a new response is added.

What makes you think QSYSOPR has changed from a “regular” to a “group” profile? I can’t find any attribute of the profile that would indicated that.

I know you can create a group in the Navigator, but i haven’t really used that extensively. I did create a group to see if it created a profile but it didn’t.

As far as i know, using a profile in the group profile parameter of another profile does not change the profile being used as a group profile in anyway. For example, i have QSECOFR locked down and specify it as the group profile for myself and another person that i want administering the system. If i run the dspusrprf command, QSECOFR has nothing to indicate that it is a “group profile”, it’s merely referenced by the other two.

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Jgowin
    The attribute can't be seen by viewing the user (group) profile; it can't be seen by doing a DSPUSRPRF OUTPUT(*PRINT) either. But, if you do a DSPUSRPRF OUTPUT(*OUTFILE) and then view the file, there's a field called "Group Profile Indicator," and my QSYSOPR has a *YES in this field.
    0 pointsBadges:
    report
  • Jaicee
    Thank you for pointing that out. I didn't know that. But (if i remember correctly) the person who posted the question said that once he removed the profiles QSYSOPR was still considered a group profile. I tried your suggestion. The field was set to "*NO". I then changed a profile to have QSYSOPR as its group profile and reran the command. The field was then set to "*YES". Then i change the profile to not back to its original group profile value should have set the field back to "*NO", which it did. So i'm still not sure what his problem is. At least for me , now that i know about the field, it works as exepected. I'm wondering if that field is there just to make it possible to query the file so that you can see a list of profiles that are being used as group profiles and what profiles are under them. Like: select g.upuprf as group_prf, u.upuprf as group_mbr from dspusrprf g left outer join dspusrprf u on g.upuprf = u.upgrpf where g.upgrpi = '*YES' order by g.upuprf, u.upuprf
    0 pointsBadges:
    report
  • TomLiotta
    BTW, what does your Audit Dept care if a group profile has a password or not? A password on a group profile has no practical difference from a password on any member of the group. Signing on as any group member gives you the authority of the group profile -- that's pretty much the whole point of group profiles. Now, I would understand if the password was made public... Tom
    125,585 pointsBadges:
    report
  • Batman47
    If you want to change the Group Profile Indicator to *NO you must use the QSYCHGID API to change the Group ID (GID) to 0. Here is the link from IBM: http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=/apis/QSYCHGID.htm
    1,050 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following