Hi, You can try the WRKOBJOWN command to see which objects are OWNED by a particular user, but this won't tell you whether jobs are scheduled to run using that user profile. You may also have CL programs which submit jobs to run using specific profiles - which you would also have to search for using something like PDM. You may also have things like FTP scripts which connect from other machines using specific profiles. It's difficult to give a list of all the places to look for this as there are so many places that user profiles can be used. Regards, Martin Gilbert. ============================================================ System auditing (and possibly job accounting) can be used to track profile activity. <i>Review of audit information</i> is necessary in order to know if the system is being used as it should be. One issue is that the jobs shouldn't have been scheduled under that profile to begin with. They should have been scheduled under an application profile rather than an individual's profile. Review of audit info could have picked up on that before it became an issue. One possible future action would be to leave the profile on the system for a length of time (set by some written policy). Use CHGUSRPRF to change the profile password to *NONE to block remote logon attempts. At the same time (or after some additional policy period), set the profile to *DISABLED. Monitor activity by that profile during the policy period to determine sources of usage. Ideally, you might retain the profile long enough to establish that it is not an integral part of a business-critical element such as "period close". When there is no evidence of activity, the profile could be deleted. Owned objects should be transferred to an appropriate profile -- not an individual, but to some 'application' profile. You might make certain that a standard application owner profile exists. And you might create a secondary temp-owner profile for intermediate holding of ownership for these cases. If control is exerted over objects such as the job scheduler, and they are monitored or reviewed, the situation shouldn't arise in the future. Tom

Hi, You can try the WRKOBJOWN command to see which objects are OWNED by a particular user, but this won't tell you whether jobs are scheduled to run using that user profile. You may also have CL programs which submit jobs to run using specific profiles - which you would also have to search for using something like PDM. You may also have things like FTP scripts which connect from other machines using specific profiles. It's difficult to give a list of all the places to look for this as there are so many places that user profiles can be used. Regards, Martin Gilbert. ============================================================ System auditing (and possibly job accounting) can be used to track profile activity. <i>Review of audit information</i> is necessary in order to know if the system is being used as it should be. One issue is that the jobs shouldn't have been scheduled under that profile to begin with. They should have been scheduled under an application profile rather than an individual's profile. Review of audit info could have picked up on that before it became an issue. One possible future action would be to leave the profile on the system for a length of time (set by some written policy). Use CHGUSRPRF to change the profile password to *NONE to block remote logon attempts. At the same time (or after some additional policy period), set the profile to *DISABLED. Monitor activity by that profile during the policy period to determine sources of usage. Ideally, you might retain the profile long enough to establish that it is not an integral part of a business-critical element such as "period close". When there is no evidence of activity, the profile could be deleted. Owned objects should be transferred to an appropriate profile -- not an individual, but to some 'application' profile. You might make certain that a standard application owner profile exists. And you might create a secondary temp-owner profile for intermediate holding of ownership for these cases. If control is exerted over objects such as the job scheduler, and they are monitored or reviewed, the situation shouldn't arise in the future. Tom