Tracing the AS/400 User profile by IP Address while signoff

180 pts.
Tags:
AS/400 Client Access
AS/400 user profiles
IP address
MAC address
I want to trace a particular userprofile, login from which IP Address (PC)while he is sign off from the AS400 user was being connected through client/access
ASKED: January 19, 2011  4:07 PM
UPDATED: January 25, 2011  3:39 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Write a RPG (or CL) program to save the data and put it in the INLPGM user profile’s parameter. (Initial program).
With this parameter, every time the user signs in the program will save the data you wish.

The API QDCRDEVD with format DEVD0600, returns ipAddress in position 877 to 891.

Hope this helps.

Discuss This Question: 8  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    ...login from which IP Address (PC)while he is sign off from the AS400... I don't understand this part -- "while he is sign off from the AS400". Can you explain it, please? Tom
    125,585 pointsBadges:
    report
  • Syedm
    User has been sign off from AS400. For example: user sign in at 10:00 am and sign off at 11:00 am but after he sign off, at 12:00 noon i need to check from which location (PC) he gets sign in to As400, from the DSPLOG i can check only his sign in and sign off time, And i cannot trace him with workstation Id's, i want to know from which pc he was signed in. Thanks Syed Muneer
    180 pointsBadges:
    report
  • HMSSL2K
    You can assign specific display names to each session of a user. When the user logs-off it will create a job log for that device name. We do it for all our employees display stations. It does help when you need to find out what a user did.
    3,175 pointsBadges:
    report
  • TomLiotta
    Depending on what OS version/release you're running and which audit options you have enabled, the info might already be in your system audit journal. For example, if you are at any current release and you're auditing job data, you should see a T/JS entry marking the start of the job for that user. The job name will be the name of the device that the user accessed. The 'entry details' should include the IP address of the PC (or whatever the remote system was). Tom
    125,585 pointsBadges:
    report
  • Syedm
    [...] Original post:  Tracing the Userprofile by IP Address while signoff [...]
    0 pointsBadges:
    report
  • Syedm
    We are having OS V5R3, please can you provide the complete command, as I don't have idea how to find T/JS, and i am not sure about auditing the job jda, please let me know how to enable.
    180 pointsBadges:
    report
  • HMSSL2K
    Show us your work for we can make suggestions for you.
    3,175 pointsBadges:
    report
  • TomLiotta
    The basic access is through the DSPJRN command:
    DSPJRN JRN(QAUDJRN) RCVRNG(*CURCHAIN) JRNCDE((T)) ENTTYP(JS) USRPRF( myUser )
    I don't know how your system handles audit journal receivers, so I don't know if RCVRNG(*CURCHAIN) is appropriate. You might need to specify starting date and time. Also, I don't know anything about how jobs run on your system; so I can't guess which job names to look for. You can possibly ignore all jobs with names that start with "Q" except for jobs that start with "QPADEV" You might not have an audit journal and, if you do have one, you might not be authorized to look at it or the receiver might already be deleted for the time you want or your system might not be auditing Job Start (JS) data. I don't know anything about how your system was configured nor what preparation anyone has done to it. Your request essentially assumes that someone set your system up to audit events. If there has been no preparation, the question needs to go back to basics. Tom
    125,585 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following