How to determine password expiration

330 pts.
Tags:
AS/400
Biometrics
Digital certificates
Identity & Access Management
provisioning
Security tokens
Single sign-on
Recently this iSeries user wrote in with a question about password expiration. He writes, "How can I tell if a user's password does not expire? I've used the user profile report, but all it gives me for expiration values are 0's or -1's for all of the users." Can you help? Michelle Davidson Editor Search400.com
ASKED: August 23, 2005  11:36 AM
UPDATED: October 31, 2010  12:26 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Execute the following command:

DSPUSRPRF USRPRF(*ALL) OUTPUT(*OUTFILE) OUTFILE(yourlib/USRPRFS)

In the USRPRFS file created, there is a field that shows a password expiration interval. Any user with a value of -1 in this field specifies that the password never expires.

A zero means when the user was created this parameter was set to *SYSVAL and it uses the system value QPWDEXPITV to determine what the value is.

Any other numeric value means when the user was created the number of days was actually entered on this parameter.

==================================================================

The profile will expose the date of last password change and the password-change interval (e.g., 10 days). The password expiration date is PasswordChangeDate plus PasswordExpirationInterval days. Just add the number of days to the date.

Since the QPWDEXPITV system value can be changed at any time, the profile doesn’t keep a date. It is simply checked against last-change date and interval when signon occurs.

Tom

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Dalibor
    Same effect you get with PRTUSRPRF TYPE(*PWDINFO). The difference is that you get report in spool file in your OUTQ, not in OUTFILE. It's clearly to me and you can in iSeries navigator copy-paste that report to PC. Dalibor
    10 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following