gmollineau
asked on
Check when iSeries user password was changed
Hi
We have had a password for a iSeries user profile changed. this is a user that is used by internal programs only.
I would like to find out when the password was changed and by whom.
Is there a command I can use for this?
Regards
Gerald
We have had a password for a iSeries user profile changed. this is a user that is used by internal programs only.
I would like to find out when the password was changed and by whom.
Is there a command I can use for this?
Regards
Gerald
While the "Date password last changed" is stored as part of the *USRPRF object (DSPUSRPRF *BASIC), the name of the user who changed it is not.
To capture this information requires some configuration.
You can either configure and enable the Security Audit Journal (my recommended solution), which will capture the name of the user and job that changes a given profile's password, or you can create an exit point program for the QIBM_QSY_CHK_PASSWRD exit point that logs the information you want when a password is changed.
I recommend security auditing. It is flexible and provides the capability to track lots of security-related changes.
https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_74/rzarl/rzarlusesecjnl.htm
https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_74/apis/xsyckphr.htm
To capture this information requires some configuration.
You can either configure and enable the Security Audit Journal (my recommended solution), which will capture the name of the user and job that changes a given profile's password, or you can create an exit point program for the QIBM_QSY_CHK_PASSWRD exit point that logs the information you want when a password is changed.
I recommend security auditing. It is flexible and provides the capability to track lots of security-related changes.
https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_74/rzarl/rzarlusesecjnl.htm
https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_74/apis/xsyckphr.htm
ASKER
Not exactly what i was looking for but helpful in a way.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks
This is helpful in guiding me to put something in place.
Gerald
This is helpful in guiding me to put something in place.
Gerald
Using command WRKOBJ OBJ(*ALL/profilename) OBJTYPE(*USRPRF) ,
you can see the last change date/time by placing option 8 infront of the line (2nd screen)
The user by whom is to find in your joblog.
By placing option 5 you can see the authorization for this object, maybe you have to limit that.
Cheers