Client Access or iSeries connection

pts.
Tags:
AS/400
PC/Windows Connectivity
We have had someone attempting to sign on to our iseries using Client Access or iSeries Access and they use the wrong password too many times with the wrong password, on the small window that comes up before the greenscreen signon. The user name was of someone who was out sick that day so I cannot identify who it really was. When they do that we get msg CPF1393 that teh user profile was disabled, but it does not identify the workstation, since no workstation is being signed onto yet. Is there any way for the IP address of the PC or it's PC name to be included in the message, or is there somewhere else I can look on our i-series?

Answer Wiki

Thanks. We'll let you know when a new response is added.

Use the CHGTCPA command and change the ‘Log protocol errors’ parameter to yes. This will give you info on the IP addresses attaching to your machine

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Jgsnsbt
    I believe that CHGTCPA will not solve your problem, since we're not talking about a TCP/IP Error instead of a security issue, which is handled by i5 OS and not by the TCP/IP layer. There are so called exitpoints (have a look with WRKREGINF) on the iSeries, which allow you to insert your own programs into the systems-program-flow. To solve your problem, I think you should have a closer look at QIBM_QZSO_SIGNONSRV exitpgm. If you hook up your own prog to this exitpoint you're at least inside the job in question. Then it's up to you to gather information or anything via CMDs or APIs. I've done this with QIBM_QTMF_SVR_LOGON to allow only defined users for FTP access and it works fine. My company also uses the SEU exit programs for our USEU development tools with no problem. Post your results. Interesting anyway! Greetings from Germany.
    30 pointsBadges:
    report
  • ConfigFr
    Hi all, I used a better way to do that. I you get a quick look on QSYSOPR message Queue, you could see a message wich say to you "The profile xxxx was disabled by QINTER system". I think that this message still exist and you could change the default message queue for it and survey by a program this new queue. But you have to know that if you create an authomatic reset of profile, you'll have a system not on safety security.
    0 pointsBadges:
    report
  • Stanayres
    The Qsysopr msg I get, but I know that person was not involved since they were out sick that day. IBM helped me by advising me to change the system value QAUDLVL to *AUTFAIL andthe system value QAUDCTL to value *AUDLVL then you can dsp the resulting journal to a file and query the file. You can reference IBM support line technical document # 329133089
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following