Re: Howto replicate AS400 User Profiles
- From: "JohnO" <johno1234@xxxxxxxxx>
- Date: 11 Apr 2007 03:47:42 -0700
On Apr 11, 4:43 pm, "mike" <m...@xxxxxxxx> wrote:
"JohnO" <johno1...@xxxxxxxxx> wrote in message
news:1176265299.894293.206390@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
| On Apr 11, 4:13 pm, "mike" <m...@xxxxxxxx> wrote:
| > "JohnO" <johno1...@xxxxxxxxx> wrote in message
| >
| >news:1176262013.721611.165560@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
| > | Hi All,
| > |
| > | We have two physical machines here and user profiles currently
| > | replcate from one to the other using NoMax data mirroring
software.
| > | However we've now added a number of LPARs to both machines, and
need
| > | to replicate all user profiles to these too. Using NoMax is not
an
| > | option as the licence cost would be too high. I had figured on
just
| > | saving and restoring them but that doesn't seem to work with
*USRPRF
| > | objects.
| > |
| > | Any suggestions?
| > |
| > | Thanks in advance,
| > | JohnO
| > |
| > | PS: V5R4
| > |
| >
| > If you are happy with a batch process and do not need real time
| > processing of individual profiles being added and updated
throughout
| > the day, need to look up the SAVSECDTA, RSTUSRPRF, and RSTAUT
| > commands.
| >
| > With SAVSECDTA you can save all the profiles and their security
info
| > to a save file then distribute that file to all partitions and
then
| > use the restore commands to bring everything up to date.
| >
| > With a lot more work, my team built a real time system, but issues
| > such as user entered password changes require a lot of explaining.
If
| > you need that let me know in a follow up post and I will send you
my
| > real e-mail address.
| >
| > Mike Sicilian
|
| Thanks Mike,
|
| I think the batch option is going to be ok and I can get my head
| around it. There's restrictions on this if *ALL is used, right?
You'd
| have to code a loop to do the users one at a time?
|
| Does your real time option use exit points? That could work for us.
| I'm not so concerned about password changes. My main interest is
that
| if a user is added on the master machine that it be created
| identically on the other machines, and if the profile is disabled
that
| this also happen on the other machines. Should this be straight-
| forward with exit points?
|
| Cheers
| JohnO
|
| I love this newsgroup!
|
John,
It has been years since I worked on this but we used the change
password user exit to enforce our password rules and also distribute
passwords to all systems in our network.
I recommend that you assign all authorities to group profiles that
have no password and are only used as security holders. Individual
users should all be attached to the appropriate group. The benefit of
this is that the number of authorities that need to be restored for
the real users is very small.
Mike
That's exactly what we are doing already! :-)
Cheers,
JohnO
.
- Follow-Ups:
- Re: Howto replicate AS400 User Profiles
- From: nsm
- Re: Howto replicate AS400 User Profiles
- References:
- Q: Howto replicate AS400 User Profiles
- From: JohnO
- Re: Howto replicate AS400 User Profiles
- From: mike
- Re: Howto replicate AS400 User Profiles
- From: JohnO
- Re: Howto replicate AS400 User Profiles
- From: mike
- Q: Howto replicate AS400 User Profiles
- Prev by Date: Re: Howto replicate AS400 User Profiles
- Next by Date: Re: Displaying A Stored Procedure
- Previous by thread: Re: Howto replicate AS400 User Profiles
- Next by thread: Re: Howto replicate AS400 User Profiles
- Index(es):
Relevant Pages
|
