Scribd
Upload
227 views

Display Authorized Users: DSPAUTUSR SEQ ( GRPPRF) - The Group Profiles Are Listed Alphabetically in

The document discusses user profiles on the AS400 system. It provides information on displaying authorized users, IBM supplied user profiles like QSECOFR and QSYS, and describes what a user profile is and how it identifies a user and authorizes their access. It also discusses group profiles and how they allow common attributes and access for groups of users, and outlines commands for managing user profiles like CRTUSRPRF, CHGUSRPRF, and WRKUSRPRF.

Uploaded by

Ajay kumarreddy
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
227 views

Display Authorized Users: DSPAUTUSR SEQ ( GRPPRF) - The Group Profiles Are Listed Alphabetically in

The document discusses user profiles on the AS400 system. It provides information on displaying authorized users, IBM supplied user profiles like QSECOFR and QSYS, and describes what a user profile is and how it identifies a user and authorizes their access. It also discusses group profiles and how they allow common attributes and access for groups of users, and outlines commands for managing user profiles like CRTUSRPRF, CHGUSRPRF, and WRKUSRPRF.

Uploaded by

Ajay kumarreddy
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

As400

USER PROFILES

Display Authorized Users


The Display Authorized Users (DSPAUTUSR) command displays or prints the
names of the authorized system users, in alphabetic order. The following
information is provided for each user: the group profile of which the user is a
member, the most recent password change date, whether the user profile has a
password, and the text of the user profile.

Note: While this command is searching for user profile information to display,
another job cannot change user profiles (for example, with the Change User
Profile (CHGUSRPRF) command).

Restriction: The list of system users contains only the names of the user profiles
to which the user of this command has at least read (*READ) authority.

DSPAUTUSR SEQ(*GRPPRF) --> The group profiles are listed alphabetically in


the group profile column. Members of that group are displayed alphabetically in
the user profile column.

DSPAUTUSR SEQ(*USRPRF) --> This command displays the names of the


system users in alphabeticorder. For each user the following columns are
displayed:
Group profile the group profile of which the user is a member
Password Last Changed the last password change date
No password contains an X is the user has no password. Note that this
means that the user cannot sign on
Level 0 or 1 Password - *YES, the user has a password for password levels 0 or
1 as required by the QPWDPVL system value
Level 2 or 3 Password - *YES, the user has a password for password levels 2 or
3 as required by the QPWDPVL system value
Netserver Password *YES, the user has a Netserver password (enables
Windows clients to access shared directory paths and shared output queues)
Local Pwd Mgt *YES, the user profile password is managed locally (on the
AS/400). When the password is not management locally, users cannot access
the system by direct sign-on, but through other platforms.
Labels: User Profiles

IBM Supplied User Profiles


The following are the few user profiles shipped with the operating system

QSECOFR - Security Officer


QPGMR - Programmer
QBRMS - BRMS profile
QSPL - Spool profile
QSRV - Service profile
QSYS - System profile
QSYSOPR - System Operator profile
QTCP - Transmission Control Protocol (TCP) profile
QDFTOWN - For ownership purposes

Labels: User Profiles

User Profiles
User Profiles
A user profile is an object that identifies a particular user or a group of user to
the AS/400 system. The user is known in the system by user profile name. When
a workstation signs on, the user id is used to find the user profile setting. The
password is defined in the user profile. All AS/400 system security functions rely
on the user profile to describe each user. The user profile identifies the
authorities to that user.

User Profiles contain information describing a system user, that user's privileges
and limitations when using the system, and lists of objects the user owns or is
authorized to use. For objects owned by a user, the profile also contains lists of
other users' authorizations to those objects.

Group Profiles
A group profile is used to provide the same profile for a group of users. This
eliminates the need to assign the authority to each user individually.

A User Profile may be linked to a group profile. This allows all the members of
the group to share common attributes, common access to selected objects, and
common ownership of objects.

A group profile is implemented as a user profile; that is, it is created just like a
user profile, and when granting authority, the AS/400 does not treat groups any
differently than user profiles. The two uses may be intermixed. For easy
management it is better that user and group profiles be used as separate
entities. One way to enforce this is to set the group profile password to *NONE.
This prevents any sign on to the profile.

User Profile Management:


Create User Profile :

The create User Profile (CRTUSRPRF) command identifies a user to the system
and allows you to customize the way the system appears.

Delete User Profile :

The Delete User Profile (DLTUSRPRF) command allows a user to delete a user
profile from the system. The User Profile cannot be deleted if a user is currently
running under the profile
The Change User Profile (CHGUSRPRF) command changes the values specified in
a user profile. The password validation rules are not verified by the system
when a password is changed by this command.

The Work with User Profiles (WRKUSRPRF) display shows you a list of user
profiles that you have authority to use. Only someone with either system
security officer or security administrator authority can set up these user profiles
which determine what system displays and functions each person is authorized
to use. If you do not have proper authority, only your user profile will be
displayed.
You can do the following with WRKUSRPRF command
1. Create a user profile
2. Change a user profile
3. Copy a user profile
4. Delete a user profile
5. Display a user profile
Note: You must have one or more special authorities (such as *SECADM) to
perform above operations.

You might also like