Hi,

Assuming you’re using client access – you can specify the workstation name in the client access config for each machine – then each PC should only use it’s own workstation Id. If you specify new workstation names, you’ll need to set the auto config system values to create the new device descriptions for you – once they’ve been created you can set the system values back to whatever they were.

Regards,

Martin Gilbert.

HI,..
thanks for your answer…
what i means is can we make devd which lock by ip address..
so this devd can’t open in other ip address..

Hello,

What would work really well is to come up with a naming convention for your workstation Ids. Since you seem to be focused on the IP address, you can use the unique portion of each address for each workstation ID. At one time we used the number of the network jack the workstations would plug into. IP address and jack numbers can change in the future, so we finally used a simple naming convention: PC####, the letters ‘PC’ followed by a 4 digit number. This works well to ‘lock’ the devd by PC (which is better than locking it by ip address) Also, we first woud create the device description so that we could enter the user’s name in the Text field, so we could easily keep track of who is using which device… when a person is terminated from the company we also delete the device description since the PC is shipped back to the Help Desk to get reimaged. The Help Desk can not install and configure an iSeries Access client without obtaining a new workstation ID from me (or my backup). I keep track of when these devd’s get created and when they were last use, that way I can report back how many iSeries Access installs we have on my status report each month.

This all works very from a security standpoint as well…. Users can not access our interactive subsystem without have a ‘PC’ workstation ID. Also, if someone decides on their own to pick a workstation number that someone else is using the problem will be very visable. So, it will be noticed if iSeries Access configurations were done incorrectly.

Let me know if you have any further questions, as I’ve done this since the beginning of time (or at least when iSeries Access first came out).

Bruce

hello batman..

thanks for your comment..
I have already naming devd like your idea..
but our big problem is the user try to use another devd when their default devd being use by another user..
the user try one by one where is the empty workstation id..
so i try to lock workstation id with the PC they use..
there is anyway in AS/400 to do that?

the emulation prgm that we use on PCs will automatically ‘pass-thru’ as a QPADEVxxxx
(Q = everthing supplied by IBM starts with a Q,
PADEV – stands for ‘pass-thru-device)
UNLESS you go into it’s settings and give the device a designated name which overrides the default.
(this way it never changes even if DHCP changes the IP of the PC)

i.e HZPCSHIP (first two letters designate which warehouse location HZ is Hazelwood facility)
PC (obvious) SHIP is where in the warehouse the device is located – shipping dept.

a second named session on the same PC will show up in WRKACT as HZPCSHIPS1, etc.
this way each warehouse’s devices come up grouped together
HZPC
HZPRTPAC1, 2 etc.
HZPRTLBL1, 2 etc.

thanks for all comment..
but all provided solution already do by me..
my real question is,there is another way beside that?

warm regards,

Hi,

I think your real problem is that the users can select which device they connect to. You should change your security on the PC’s to restrict the configuration files in client access to only be updated by an administrator. Then set each PC up with a unique device Id.

Regards,

Martin Gilbert.

You could also go through all of your device decriptions and set the appropriate security, making sure to set *PUBLIC to *EXCLUDE so only the specific user you specify can use that device.

If the purpose would be to block certain IP adresses why not use the TCP ROUTING table of the iSeries ?
(CFGTCP option 2)
Another route that could block certain names of Workstations are the SUBSYSTEM workstation entries.

@Pdraebel | Mar 17 2009 8:27AM GMT
>>Another route that could block certain names of Workstations are the SUBSYSTEM workstation entries.

Thanks, I encountered a new range of workstation id’s today that neede to be connected, and didn’t understand why they got a blank screen…

So, if you start setting up working with workstation id’s, make sure your syntax is in the list of the subsystem where the sessions are supposed to run.
Example: now running QPADEV* in subsytem INTER, you can see this in (WRKSBSD INTER, option 4).
Here I added CNEH* for a new range of workstation id’s to be connected. Otherwie you get a blank screen in ClientAcces (with session started message in statusbar)

grtz
Jeroen

Hi Jeroen, you should also take care of “Excluding” devices from interactive subsystems where you do not want them to execute.

ADDWSE SBSD(*LIBL/INTERACT)
WRKSTN(PC*)
AT(*ENTER)
Otherwise your workstations could turn up active in subsystems where you do not want them to be.
Peter

how to create userprofile in AS/400 i serise with certain menus?