you can do this the old fashion way using the CRTUSRPRF command.
or you can add users through the iSeries Access for Windows software (Operations Navigator)
I tend to copy existing profiles once I’ve got a good template to work with.
Of course you’ve got all kinds of questions to answer about security when setting up new users.
What user class should they be?
Do they need special authorities?
Job descriptions, password expiration interval, etc…
Here’s a good article to read if you’ve got the time before you start.
If your first step is starting by logging on as QSECOFR, then your second step needs to be the creation of a substitute for QSECOFR.
Run this command:
Use any name; ASECOFR is as good as any. Then signoff of the QSECOFR session and signon as ASECOFR. The temporary password will be ASECOFR, and you’ll have to change it before the signon can be completed.
From then on, use ASECOFR instead of QSECOFR except when QSECOFR is required. QSECOFR may only be needed when you read IBM instructions that tell you to signon as QSECOFR.
Keep the QSECOFR password hidden and available to some manager. And keep the ASECOFR password secure. You won’t likely create a more important profile.
Once ASECOFR is comfortable, do as much work as you can through iSeries Navigator. Learning the Navigator interface will be important, as will be learning how it connects and the servers it connects to.