Enable/Disable AS400 User Profile

45 pts.
Tags:
AS/400 user permissions
AS/400 user profiles
I am trying to create a menu option that will allow the helpdesk level1 to only enable or disable user profile?

Answer Wiki

Thanks. We'll let you know when a new response is added.

This is quite a straight forward task, and the easiest way is to create a command and CL program to do the work for you.

For example the following source is for a CHGUSRSTS command:

<pre> CMD PROMPT(‘Change User Status’)

PARM KWD(USERID) TYPE(*NAME) LEN(10) PROMPT(‘User ID’)

PARM KWD(STS) TYPE(*CHAR) LEN(10) RSTD(*YES) +
VALUES(*ENABLED *DISABLED) PROMPT(STATUS) </pre>

Create this in a source member named CHGUSRSTS with a memebr type of CMD and compile using the CRTCMD command. On the compile prompt set the command processing program to be CHGUSRSTS and then create a source member with the same name in QCLSRC with a member type of CLP and enter the following:

<pre> PGM PARM(&USERID &STS)

DCL VAR(&USERID) TYPE(*CHAR) LEN(10)
DCL VAR(&STS) TYPE(*CHAR) LEN(10)
DCL VAR(&MSG) TYPE(*CHAR) LEN(80)

/* First check that the User ID exists */

CHKOBJ OBJ(&USERID) OBJTYPE(*USRPRF)

MONMSG MSGID(CPF9801) EXEC(DO)
CHGVAR VAR(&MSG) VALUE(‘User profile ‘ *CAT &USERID +
*TCAT ‘ does not exist’)
GOTO CMDLBL(FINISHED)
ENDDO

MONMSG MSGID(CPF9802) EXEC(DO)
CHGVAR VAR(&MSG) VALUE(‘Not authorised to user +
profile ‘ *CAT &USERID)
GOTO CMDLBL(FINISHED)
ENDDO

/* User profile exists and we are authorised to it, so change the status… */

CHGUSRPRF USRPRF(&USERID) STATUS(&STS)
CHGVAR VAR(&MSG) VALUE(‘User profile ‘ *CAT &USERID +
*TCAT ‘ status chanegd to ‘ *CAT &STS)

/* Send any message and exit… */

FINISHED: SNDPGMMSG MSG(&MSG)

ENDPGM </pre>

When you compile this using the CRTCLPGM command you must compile it while signed on as as user with authority to run the CHGUSRPRF command (i.e. QSECOFR or somebody with *SECADM authority) and you must specify the USRPRF(*OWNER) parameter on the compile command.

On your menu you can add it as ?CHGUSRSTS to force it to be prompted.

Basically the program checks that the user profile exists and then sets the status according to the value entered by the user. Nice and easy. You could expand on it quite easily to allow for changing/resetting passwords, etc.

If you need any help, just shout.

Best regards

Jonathan

From WaltZ400:

Another thing you can do is add a menu option which contains the following command string.

CHGUSRPRF ??USRPRF() ??STATUS()

What this does is selectively prompts on the CHGUSRPRF command and only gives the user the two parameters that shows on the command. All they can do is enter a user profile and a status. Nothing else is maintainable at this point. For more information go to the iSeries Infocenter for your OS release for more more information on selective prompting on iSeries commands.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • astradyne
    Selectively prompting on the CHGUSRPRF as suggested by Waltz400 is a nice clean way to do it, but it is unlikely the Helpdesk Level 1 running the option (as mentioned in the orginal post) would have the authority to run the command. If they did then the question wouldn't have been asked in the first place. The solution then would be to wrap the command in a CL program that is owned by QSECOFR (or somebody with *SECADM authority) and to have it run under adoptied authority:
    PGM
    
    CHGUSRPRF ??USRPRF() ??STATUS()
    
    ENDPGM
    
    370 pointsBadges:
    report
  • TomLiotta
    (or somebody with *SECADM authority) *SECADM is not sufficient. In addition, the profile must *ALLOBJ, or have *CHANGE authority to every profile that might need to be changed at any time in the future. Tom
    125,585 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following