Shall we retrieve Windows IP Address & User Profile?

3695 pts.
Tags:
IP address
Windows IP address
Hi Guys, we have common user profile to log in to iSeries. Now, I have a requirement where I need to retrieve the Windows IP Address, User profile, Login & Logout Time through which system Common User profile is logged in. Will it be possible to get Windows IP Address & User Profile from iSeries? Please help me out with this. Regards, Pradeep.

Software/Hardware used:
V6R1M0, WINDOWS

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi Guys,

I have done it.

1. IP Address of the PC can be Retrieved by using QDCRDEVD API. Use format DEVD0600. Retrieve IP Address from 877 position to 16 digits.

2. Store the User name in Local PC by executing ‘CMD C/ ECHO %USERNAME > C:/TEMP/USER.TXT’ through STRPCO & STRPCCMD commands.

FTP the Text file from PC to IFS folder by using STRPCCMD.

Copy the file from IFS to DB file by using CPYFRMSTMF command.

Regards,

Pradeep.

Discuss This Question: 6  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta

    Will it be possible to get Windows IP Address & User Profile from iSeries?

    Yes. But you need to define "login" and "logout" first.

    Do you care if access is to the database? Or FTP? Or Remote Command? Does it matter if logins happen with iSeries Navigator?

    Or do you only care about telnet, and everyone can use all of the other ways to login and you won't track those? If it's telnet only, do you want to track secondary jobs (e.g., via TFRSECJOB or SysReq option 1) or only a single job?

    It's necessary to be clear about exactly what needs to be tracked. The various logins can be different, and characteristics of things like secondary jobs can add confusion for auditing.

    Tom

    125,585 pointsBadges:
    report
  • deepu9321

    Hi Tom,

    Here is what I meant by Login and Logout.

    Login - Connecting to iSeries

    Logout - Disconnecting from iSeries.

    Actually, I will  need to track this for audit purpose and I need to consider 'Accessing Database', 'Remote Command' or 'Emulator/iSeries Navigator'.

    And, I want to track the Windows User Profile & Windows IP Address. But, I am confused with Tracking if user connects from TELNET (I believe in this case we need to track from User ID of iSeries from which he is connecting).

    Please suggest me if i need to provide any other details.

    Regards,

    Pradeep.

    3,695 pointsBadges:
    report
  • TomLiotta

    That gets you a telnet connection address. All other connections will be ignored.

    One of your problems will be that there is no "logoff" that can be paired with many "logons". For host servers, the logon can be through the Signon Server or to the individual servers. If through the Signon Server, an authentication token can be returned; and the token can be presented to any of the other host servers. The only "logon" would be to the Signon Server, and no "logoff" ever happens. Instead, the authentication token eventually becomes invalid. Configuration can affect behavior.

    A connection to the database server, for example, can show when it starts, but there may be no recognizable indication that it has actually ended. You can probably find T/JS entries in the system audit journal that indicate that a database server job has ended, but the configuration of pre-start jobs on your system may determine how many users connected to a given instance.

    The TCP/IP servers will usually have an indication of both "logon" and "logoff", but it can take some work to track them down. A FTP Server job, for example might show a T/JS audit journal entry with a subtype of "M" to indicate that the current profile has changed when a user QUITs the connection.

    In short, you need to be very specific how you define "logons" and "logoffs". If you want to track them completely, it's not trivial. Most such info (even for telnet) can be retrieved from T/JS audit journal entries. In current OS releases, the IP address of the remote system (the PC) is part of the audit journal entry.

    It can take some practice to see how the various audit journal entries are connected to different servers and different functions. For anything more detailed, you might want to write exit programs for the various servers.

    The TCP/IP servers have to behave in ways consistent with the various RFCs. Host servers behave according to how IBM designs them for the system. Because of that, there may be two general categories of behaviors that you'll need to account for.

    Tom

    Tom

    125,585 pointsBadges:
    report
  • frank4075
    Hi,
                                                                    
    Maybe you can get some information with "PowerLock" or "Bsafe"....

    OR you can coding PGM to get some information 
    with system auditing(QAUDJRN) or with API(EXITPGM) like 
    QIBM_QZDA_INIT        Database Server - entry                     
    QIBM_QTMF_SERVER_REQ  FTP Server Request Validation               
    QIBM_QTMF_SVR_LOGON   FTP Server Logon                            
    QIBM_QTMX_SVR_LOGON   REXEC Server Logon      
    QIBM_QTF_TRANSFER     Original File Transfer                      
    QIBM_QZDA_NDB1        Database Server - data base                 
    QIBM_QZDA_NDB1        Database Server - data base                 
    QIBM_QZDA_ROI1        Database Server - object info               
    QIBM_QZDA_SQL1        Database Server - SQL access                
    QIBM_QZRC_RMT         Remote Command/Program Call                 
    ....etc

    best regards

    Frank
    85 pointsBadges:
    report
  • TomLiotta

    Maybe you can get some information with “PowerLock” or “Bsafe”…

    Products such as those have a license purchase cost as well as ongoing maintenance costs.

    But such costs are usually significantly less than the cost of paying a developer to do the work. That can become more true as new OS versions introduce new issues, and the developer has to scramble to learn what's wrong while database access is blocked or accesses become open with no tracking or other serious problems break the integrity of the programming.

    And that's all beyond the point of ensuring exactly correct handling of exit program functions. If the behavior of exit programs is not fully and clearly understood, the risk from returning an inappropriate 'Allow/Reject' flag back to the server for example, can be disastrous. It's possible for some exit program functions to override OS authority. Someone could gain full access to the system under some circumstances without needing to know related authentication strings. (I've seen widely respected example code posted on the internet that did that. The author was notified, but I haven't tested later versions.)

    For those and other reasons, IMO, the best choice is a licensed product. Second choice would be extraction from the system audit journal. And only if those are rejected for feasibility,locally written and maintained exit programs.

    Tom

    125,585 pointsBadges:
    report
  • frank4075
    Thanks tom supplementary instructions 

    I thank It is the best way that we can choose own way in  each different environments .

    Frank
    85 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following