Solved

Is there a way to Setup my AS400 Session so that I automatically logs me on without having to type username/password?

Posted on 2010-08-26
9
1,465 Views
Last Modified: 2013-12-06
I have to login and out of AS400 sessions all the time and hate having to login everytime. Is there a way to setup some kind of automation where I dont' have to enter username and password on green screen? Maybe a setup in Operations Navagator?

Anything would help.

Thanks!
8-26-2010-10-33-59-AM.jpg
0
Comment
Question by:matrix0511
9 Comments
 
LVL 34

Accepted Solution

by:
Gary Patterson earned 500 total points
ID: 33536014
CHGSYSVAL QRMTSIGN *VERIFY

Changing this system value allows remote users to sign on using cached credentials.  Client Access caches signon credentials when a user first makes a Client Access connection.  If QRMTSIGN is *VERIFY, then signon using these cached credentials is allowed.

- Gary patterson
0
 

Author Comment

by:matrix0511
ID: 33536331
Gary,

running that command, will it change it for ALL users?

is there anyway to run it for just my login?? I'm not sure management will want other users with ablility to cache there login info.

let me know. THanks!
0
 
LVL 27

Expert Comment

by:tliotta
ID: 33537461
Note that you also will need to have your connection set to enable "bypass signon".

Technically, everyone probably ought to be set up to bypass signon. The telnet Signon screen is one of the biggest security holes in the system unless you're running over VPN or have otherwise encrypted sessions. The Signon screen was useful in the days of direct-attach terminals. In telnet environments, it's trouble waiting to happen.

Tom
0
 

Author Comment

by:matrix0511
ID: 33538593
So Tom, tell me the best way to set this up for "bypass signon"? Can you send me the steps for the setup please? Thanks.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:matrix0511
ID: 33538596
Guys I just heard there are Macros you can setup to auto login to green screen. They said to go to: go to Edit, Preferences, Macro/Script.  Is this true? If so, would that be a better option?
0
 

Author Comment

by:matrix0511
ID: 33538615
Well guys I just figured this all out without having to run that CHGSYSVAL command or bypass setting.

I followed the steps below using recorded macros:

When you are at the signon screen, click on the start macro, go through the steps of signing on the green screen. Once you have signed on, click on stop macro. Then you can go to Edit, Preferences, Macro/Script, select the Macro you created and click on OK. Each time you sign on to the green screen it will automatically put in the user name and password.

That works beautifully! Whenn I open my session it automatically logins and enters all the way to where I want to me. awesome.
0
 
LVL 16

Expert Comment

by:theo kouwenhoven
ID: 33539758
Hi matrix0511,

Record a macro with the name e.g. login.mac with settings:

Record format = Macro File
Record User Wait  Time = None

Enter your user-id + (field exit)
Enter your password + (field exit) + (Enter)

Stop recording

go to Edit, Preferences, Macro/Script.
Select the just created macro e.g. login.mac.

Save the session with file save.

Thats-all!

Good luck
0
 

Author Closing Comment

by:matrix0511
ID: 33540874
The information Gary gave can be beneficial in the future.
0
 
LVL 34

Expert Comment

by:Gary Patterson
ID: 33550060
Macros can be a good option for repeated operations like this, but I don't recommend using macros in this particular fashion (unless, perhaps you work from home and have a secure PC where nobody can access your file system remotely).

The biggest problem with recording a macro like this is that your password is stored in plaintext in the macro file, which makes it possible for anyone that can gain access to the macro file to discover your password.  Storing passwords in plaintext like this violates security standards in many environments, and even if your organization doesn't have a specific policy, it is just a bad security practice in general.  

It is even worse if your profile is highly-privileged, as it may make you a specific candidate for password-discovery attempts.

Any user that is familiar with client access macros will immediately recognize what you are doing and likely realize that your password is stored in the macro file if they see you log in in this fashion.

As Tom points out, using the TN5250 logon screen (in the default non-SSL environment) presents another plaintext password exposure.

To avoind this vulnerability, implement SSL for all TN5250 connections.  This ensures that all conversations between the AS/400 and the client PC are encrypted, and that passwords are never sent in plaintext.  

Unless you've done a lot of network security work, it may seem incredible that one of your users might have the knowledge to monitor network traffic, but in the course of doing network security audits over the years, I've caught several end users (and even more network admin staffers) snooping on user network traffic and capturing user IDs and passwords using tools like dedicated password sniffers, general purpose sniffers,  and packet capture software.

For convenience, consider allowing users to bypass TN5250 signon, as long as good workstation-locking procedures are enforced in your environment.

http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzaiw/rzaiwscenariossl.htm

- Gary Patterson

0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Windows 10 is here and for most admins this means frustration and challenges getting that first working Windows 10 image. As in my previous sysprep articles, I've put together a simple help guide to get you through this process. The aim is to achiev…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now