Solved

Delete user profile automatically

Posted on 2001-06-20
7
514 Views
Last Modified: 2007-11-27
Users on our system are spread around the world, people are terminated or quit without us knowing about it. We have a policy to delete any user profiles with no activity for 6 months.

Is it possible to do this with in a CL program or something? I want to automate the process.
0
Comment
Question by:roosterup
  • 4
  • 2
7 Comments
 
LVL 16

Expert Comment

by:theo kouwenhoven
ID: 6213495
Hi roosterup,

We have did it already some time ago, but I'm not alowed to give you the source (company policy?).
But it works this way:
Create a CL-Program that will look like this:

Create a file with:
DSPUSRPRF USRPRF(*ALL)
          TYPE(*BASIC)
          OUTPUT(*OUTFILE)
          OUTFILE(library/file)
          OUTMBR(*FIRST *REPLACE)

use RCVF to read the records.
use the field UPPSOD to select the last logon date.
(exclude the standard users as QSECOFR QUSER etc. and also the users that are used for other jobs as FTPUSR etc.)

The selected user can be removed with:
DLTUSRPRF USRPRF(USER)          
          OWNOBJOPT(*CHGOWN new-owner)

The new owner can be a special created owner for this purpose or a standard user as QUSER.

Beware that you don't remove 'group profiles that are still in use'

Good lock.
0
 
LVL 13

Expert Comment

by:samic400
ID: 6213828
murphey2 has the idea.

I'd be glad to put together some quick source code if you need it.

put this program in the IBM job schedule (or other job scheduler - Robot) and have it run automatically each month.
0
 
LVL 1

Author Comment

by:roosterup
ID: 6214217
samic400

that would be kewl, must increase points for that.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 16

Expert Comment

by:theo kouwenhoven
ID: 6214358
(additional information)

Beware: new userid's have a blank date, in that case you can use the field UPPWCD or even better!!!
Use in that case the creation date from the USRPRF-object

 RTVOBJD OBJ(userid)
         OBJTYPE(*USRPRF)
         CRTDATE(&DATE)    

(and don't forget to calculate the century fields)

UPPSOC for the Sign-on date
  and
UPPWCC for the password change date.

The creation date of the object is including the century (and time) in format CYYMMDDHHMMSS.

Regards Murphey
0
 
LVL 16

Expert Comment

by:theo kouwenhoven
ID: 6214401
(addition 2)

To make no exceptions (makes the programming a lot easyer)

you can always retrieve the object description and use the last-used date to decide if the userprofile has to be deleted.
In that case use:
                         
RTVOBJD OBJ(userid)
        OBJTYPE(*USRPRF)
        CRTDATE(&CRTDAT)
        USEDATE(&USEDAT)

format:
(CRTDATE CYYMMDDHHMMSS)
(USEDATE CYYMMDD)
0
 
LVL 13

Accepted Solution

by:
samic400 earned 200 total points
ID: 6215602
       pgm
        dcl &diff *dec (3 0)
        dclf file(lib/file)

        dspusrprf usrprf(*all) output(*outfile)   outfile (lib/file)

 read:  rcvf
        monmsg cpf0864  exec(goto end)
       
     /* you'll need code here to:   */
     /*   1 - weed out profile you wish to exclude - */
     /*       mostly all start with Q                */
     /*   2 - code to check for UPPSOD date being blank */
     /*       which means it hasn't been used - murphey2*/
     /*       had right idea about RTVOBJD cmd          */
     /*   3 - if date found, I'd convert to some sort of*/
     /*       julian date to see if not used in over 6  */
     /*       many ways to do this                   */

     if (&diff *gt 180) then(do)
     dltusrprf  usrprf(&UPUPRF) ownobjopt(*chgown quser)
     monmsg cpf0000 exec(do)  /* in case cannot do it */
     /* may want to send a message to someone with */
     /* reason why cannot delete - rcvmsg to get the */
     /* details is the way I'd do it                */
     enddo

     enddo

     goto read

 end: endpgm

I recommend you compile under QSECOFR and that the file in DCLF statement exists. That way not playing games with using OVRDBF with IBM files.                                                                      
0
 
LVL 16

Expert Comment

by:theo kouwenhoven
ID: 6216021
Hey... my idea and no points ????
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AS400 Single Sign On 3 1,156
AS400 RPG36 Cursor location on a Screen 7 139
Domino Lotusscript Scheduled Agent Tranfer File from AS400 to another 6 106
IBM flash storage 840 15 59
Some code to ensure data integrity when using macros within Excel. Also included code that helps secure your data within an Excel workbook.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now