Register

Forgot Password

Site FAQ

Home > IT Answers > AS/400 > User Profile in AS400 System

Ipas400

5 pts.

User Profile in AS400 System

AS/400 administration

Hi How to find who has created the USER PROFILE and when it was created? Also What special authority need to find this? Thanks in Advance.

Software/Hardware used:
AS400 and OS400

ASKED: March 29, 2010 10:52 AM

UPDATED: July 6, 2010 7:08 PM

RELATED QUESTIONS

Answer Wiki:

Try this question <a href="http://itknowledgeexchange.techtarget.com/itanswers/as400-who-created-a-user-profile/">http://itknowledgeexchange.techtarget.com/itanswers/as400-who-created-a-user-profile/</a> ====================================================== ...both only show the user that created it but this could not be the TRUE user that created the profile. Although the statement from below is correct, it is usually irrelevant. Essentially every action is performed by a 'user' and every one may be initiated by some 'true user'. The underlying principle simply must always be kept in mind during any forensic process. It is perhaps worth noting in discussion but might confuse the direct answer. The direct answer is that the 'Created by user' attribute of the *USRPRF object is the user that created that *USRPRF. Tom ====================================================== While hte solutions in the above link are the normal process, they have shortcomings. both only show the user that created it but this could not be the TRUE user that created the profile. Object Description o fthe profile in Question: Creation date/time . . . . . . . . . : 03/29/10 13:45:55 Created by user . . . . . . . . . . : MISOPR The best method is a two part one. * Use the CPYAUDJRNE command as specified in the other answer. * Once you find the correct entry, look for the job that created it. Job User Job name name number QDFTJOBD MISOPR 982295 * Do a WRKJOB or DSPJOB on the job that created the profile in question. * Display the joblog and look for something similar to this where that job was submitted from another job. CPI1125 Information 00 03/29/10 13:45:55.528096 Message . . . . : Job 982295/MISOPR/QDFTJOBD submitted. Cause . . . . . : Job 982295/MISOPR/QDFTJOBD submitted to job queue QBATCH in QGPL from job 982294/MISBXG/CONSOLEBG1. * Note that the job that created the profile was submitted by another job from a different user name. So in this example, MISBXG was the user that actually created the profile. This scenario may not always be the case and it is not to say that anything underhanded is being attempted, it's just that the process for creating profiles may be done via some sort of automation and possible from another system. So don't take for granted that the 'created by' user is the actual culprit.

======================================================

...both only show the user that created it but this could not be the TRUE user that created the profile.

Although the statement from below is correct, it is usually irrelevant. Essentially every action is performed by a 'user' and every one may be initiated by some 'true user'.

The underlying principle simply must always be kept in mind during any forensic process. It is perhaps worth noting in discussion but might confuse the direct answer.

The direct answer is that the 'Created by user' attribute of the *USRPRF object is the user that created that *USRPRF.

Tom

======================================================

While hte solutions in the above link are the normal process, they have shortcomings.
both only show the user that created it but this could not be the TRUE user that created the profile.

Object Description o fthe profile in Question:
Creation date/time . . . . . . . . . :   03/29/10  13:45:55
Created by user  . . . . . . . . . . :   MISOPR

The best method is a two part one.
*  Use the CPYAUDJRNE command as specified in the other answer. 
*  Once you find the correct entry, look for the job that created it.

Job                     User           Job    
name                name         number 
QDFTJOBD    MISOPR      982295

*  Do a WRKJOB or DSPJOB on the job that created the profile in question.  
*  Display the joblog and look for  something similar to this where that job was submitted from another job.

CPI1125    Information             00   03/29/10  13:45:55.528096
Message . . . . :   Job 982295/MISOPR/QDFTJOBD submitted.                    
                     Cause . . . . . :   Job 982295/MISOPR/QDFTJOBD submitted to job queue QBATCH in QGPL from job 982294/MISBXG/CONSOLEBG1.

*  Note that the job that created the profile was submitted by another job from a different user name.  So in this example, MISBXG was the user that actually created the profile.

This scenario may not always be the case and it is not to say that anything underhanded is being attempted, it's just that the process for creating profiles may be done via some sort of automation and possible from another system.

So don't take for granted that the 'created by' user is the actual culprit.

Last Wiki Answer Submitted: July 5, 2010 8:00 pm by Bggas400

160 pts.

All Answer Wiki Contributors: Bggas400

160 pts. , JimmyIT

1,710 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Mar 29, 2010 1:10 PM (GMT)

dspobjd *all/profile *usrprf – Select option 5 to display. This will show you who created it and on what date. You shouldn’t have any security issues displaying his.

Abigail

645 pts.

POSTED: Mar 30, 2010 2:01 AM (GMT)

WRKUSRPRF option 5-Display
Display User Profile – Basic shows the following

Previous sign-on . . . . . . . . . . . . . :
Sign-on attempts not valid . . . . . . . . :
Status . . . . . . . . . . . . . . . . . . :
Date password last changed . . . . . . . . :
Password expiration interval . . . . . . . :
Set password to expired . . . . . . . . . :
Local password management . . . . . . . . :
User class . . . . . . . . . . . . . . . . :
Special authority . . . . . . . . . . . . :
Group profile . . . . . . . . . . . . . . :
Owner . . . . . . . . . . . . . . . . . . :
Group authority . . . . . . . . . . . . . :
Group authority type . . . . . . . . . . . :
Supplemental groups . . . . . . . . . . . :
Assistance level . . . . . . . . . . . . . :
Current library . . . . . . . . . . . . . :
Initial program . . . . . . . . . . . . . :
Library . . . . . . . . . . . . . . . . :
Initial menu . . . . . . . . . . . . . . . :
Library . . . . . . . . . . . . . . . . :
Limit capabilities . . . . . . . . . . . . :
Text . . . . . . . . . . . . . . . . . . . :
Display sign-on information . . . . . . . :
Limit device sessions . . . . . . . . . . :
Keyboard buffering . . . . . . . . . . . . :
Storage information:
Maximum storage allowed . . . . . . . . :
Storage used . . . . . . . . . . . . . . :
Storage used on independent ASP . . . . :

c007

285 pts.

POSTED: Mar 30, 2010 8:16 AM (GMT)

Try the following command and then press enter on the command line.

DSPOBJD OBJ(User ID) OBJTYPE(*USRPRF)

Then use option 5 = Display Full Attributes

Jkbritvic

65 pts.

POSTED: May 20, 2010 3:49 PM (GMT)

Try this…
DSPUSRPRF USRPRF(*ALL) TYPE(*BASIC) OUTPUT(*OUTFILE) OUTFILE(your library) *FIRST, *ADD

The syntax may not be 100 accurate, but once created query on the file created in the library you selected.

DLM2007

280 pts.

POSTED: Jul 6, 2010 7:08 PM (GMT)

I just use WRKOBJ.

Splat

5,730 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags