Please define “terminated users”. — Tom
The users whose access were revoked or their ID’s are disable because they left the organization. We are in need of this for audit purpose.
Depending on what is meant by access being “revoked”, most likely you will retrieve entries from the system audit journal, QAUDJRN. And that will depend on whether or not your system is auditing for the actions that you want to track. Entries that you might have available are listed in Layout of audit journal entries (or Appendix F of the Security Reference manual if you use the .PDF version). The DSPJRN command is used to select entries. — Tom
Unfortunately, the QSYRUSRI API won’t return the needed information. (That’s especially true if access was “revoked” by deleting the user profile, but is also true for most other needed data.) — Tom