SCNUSRPRFA -- Scan User Profile

SCNUSRPRFA SCAN USER PROFILE ATTRIBUTES TAASEIF
The Scan User Profile Attributes command scans one, generic, or all user profiles for attribute values. This acts as a simple query to determine the value of attributes of user profiles. You must have ALLOBJ special authority to use SCNUSRPRFA. A typical command would be: SCNUSRPRFA USRPRF(ALL) ATTR(PWDNONE) SCNVAL(YES) SCNOPR(EQ) A spooled file would be displayed of all user profiles that are prevented from having a password. TAASECKP file in TAASECURE -------------------------- When SCNUSRPRFA is used, the TAASECKP file in TAASECURE is accessed with the DSPUSRPRF OUTFILE information. The SCNUSRPRFA REFRESH parameter determines whether the TAASECKP file is refreshed or the existing data is used. The default is REFRESH(YES) to refresh the information. For repetitive use of SCNUSRPRFA, use REFRESH(DAYCHG) which will not refresh the information if the last refresh occurred on the current date. This will provide much faster performance. SCNUSRPRFA escape messages you can monitor for ---------------------------------------------- None. Escape messages from based on functions will be re-sent. SCNUSRPRFA Command parameters CMD ----------------------------- USRPRF The user profile to be scanned. A specific name, a generic name, or ALL for all profiles must be specified. ATTR The User Profile attribute to be scanned for. The value must be one of the following: USRCLS. User class. The scan value must be USER, SYSOPR, PGMR, SECADM, or SECOFR. DSPSGNON. Display last signon. The scan value must be SYSVAL, YES, or NO. PWDCHGDAT. Last password change date. The scan value must be a date in job date format. PWDEXPINT. Password expiration interval. If the scan value is SYSVAL or NOMAX, the scan operator must be EQ or NE. Any scan operator may be used if a decimal value is entered between 1 and 366. PWDNONE. Password none (no password allowed). The scan value must be YES or NO. PRVSGNDAT. Previous signon date. The scan value must be a date in job date format. PWDFAIL. Password fail count. This is the total number of failed attempts (not reset by a valid signon). The scan value must be 11 or less digits. LMTDEVSSN. Limit device sessions. The scan value must be YES, NO, SYSVAL, or a number between 0 and 9. SPCAUT. Special authority. The scan value must be ALLOBJ, AUDIT, IOSYSCFG, SAVSYS, SECADM, SERVICE, or SPLCTL. MAXSTG. Maximum storage allowed in KB. The scan value must be NOMAX, or a number less than or equal to 15 digits. STGUSE. Maximum storage used in KB. The scan value must be a number less than or equal to 15 digits. PTYLMT. Priority limit. The scan value must be a digit between 0 and 9. INLPGM. Initial program. The scan value must be a name or NONE. INLPGMLIB. Initial program library. The scan value must be a name, LIBL, or CURLIB. JOBD. Job description. The scan value must be a user object or QDFTJOBD. JOBDLIB. Job description library. The scan value must be a name, LIBL, or CURLIB. GRPPRF. Group profile. The name of the group profile (if any) or NONE. Supplemental groups are also searched. OWNER. The owner of new objects created by a member of a group profile. The scan value must be USRPRF or GRPPRF. GRPIND. Group profile indication (whether the profile is a group profile). The scan value must be YES or NO. ACGCDE. Accounting code. The scan value may be any value. MSGQ. Message queue. The scan value must be a message queue (normally the same name as the user profile). MSGQLIB. The library where the message queue exists. The scan value is normally QUSRSYS. OUTQ. Output queue. The scan value is normally WRKSTN. OUTQLIB. Output queue library. The scan value must be a name, LIBL, or CURLIB. TEXT. Text description. The scan operator must be CT. The scan value should be entered without quote symbols. It will be folded to upper case by command processing. The text description is folded to upper case before scanning. SPCENV. Special environment. The scan value must be SYSVAL, S36, or NONE. CURLIB. Current library. The scan value must be a library name or CRTDFT. INLMNU. Initial menu. The scan value must be a name or SIGNOFF. INLMNULIB. Initial menu library. The scan value must be blank or a specific library name. LMTCPB. Limit user capabilities. The scan value must be YES or NO. DLVRY. Delivery method. The scan value must be NOTIFY, HOLD, BREAK, or DFT. SEV. Message severity. The lowest severity that will cause an action. It must be a two digit number. PRTDEV. Print device. The scan value must be a name, SYSVAL, or WRKSTN. ATNPGM. Attention program. The scan value must be a name, NONE, SYSVAL, or ASSIST. ATNPGMLIB. Attention program library. The scan value may be a name, blank, LIBL, or CURLIB. STATUS. Status. The scan value must be ENABLED or DISABLED. KBDBUF. Keyboard buffering. The scan value must be SYSVAL, YES, NO, or TYPEAHEAD. ASTLVL. Assistance level. The scan value must be SYSVAL, BASIC, or INTERMED. USROPT. User options. The scan operator must be EQ. The scan value must be CLKWD, EXPERT, ROLLKEY, NOSTSMSG, HELPFULL, PRTMSG, or NONE. SCNVAL The value to be scanned for. Up to 15 bytes may be entered. To scan for non-blank entries enter ' ' and SCNOPR(NE). See the ATTRIBUTE parameter for what is valid for the scan value. SCNOPR The scan operator to be used. EQ is the default. NE, GT, GE, LT, LE, or CT (contains) may be entered. Non-meaningful functions such as scanning the PWDNONE attribute (supports only YES or NO) for a scan operator other than EQ/NE are rejected. REFRESH An option to determine if the DSPUSRPRF OUTFILE function is used to refresh the TAASECKP file in the TAASECURE library. The default is YES meaning the file will be refreshed. DAYCHG may be specified which means the file will be refreshed if the last time the file was output was on a different day. DAYCHG assumes that you are using the command repeatedly on the same day and do not want to keep refreshing the information. NO may be specified to use the existing data. If no data exists, the file is output. OUTPUT How to output the results. * is the default to display the spooled file if the command is entered interactively. The spooled file is deleted after it is displayed. If the command is entered in batch or PRINT is specified, the spooled file is output and retained. Restrictions ------------ You must have ALLOBJ special authority to use SCNUSRPRFA. Prerequisites ------------- The following TAA Tools must be on your system: CHKALLOBJ Check ALLOBJ special authority CHKGENERC Check generic RTVVALA Retrieve value attributes RTVSYSVAL3 Retrieve system value 3 SNDCOMPMSG Send completion message SNDESCINF Send escape information SNDESCMSG Send escape message SNDSTSMSG Send status message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- SCNUSRPRFA CMD TAASEIF QATTCMD TAASEIFC PGM CLP TAASEIFC QATTCL TAASEIFR PGM RPG TAASEIFR QATTRPG

SCNUSRPRFA      SCAN USER PROFILE ATTRIBUTES           TAASEIF


The Scan  User Profile Attributes  command scans  one, generic, or  all
user profiles  for attribute values.   This acts  as a simple  query to
determine the value of attributes of user profiles.

You must have *ALLOBJ special authority to use SCNUSRPRFA.

A typical command would be:

              SCNUSRPRFA   USRPRF(*ALL) ATTR(PWDNONE)
                             SCNVAL(*YES) SCNOPR(*EQ)

A  spooled  file  would be  displayed  of  all user  profiles  that are
prevented from having a password.

TAASECKP file in TAASECURE
--------------------------

When SCNUSRPRFA  is used, the  TAASECKP file  in TAASECURE is  accessed
with  the  DSPUSRPRF  OUTFILE  information.    The  SCNUSRPRFA  REFRESH
parameter  determines whether  the  TAASECKP file  is refreshed  or the
existing data is used.

The default is REFRESH(*YES) to refresh the information.

For repetitive use of SCNUSRPRFA,  use REFRESH(*DAYCHG) which will  not
refresh the  information if  the last refresh  occurred on  the current
date.  This will provide much faster performance.

SCNUSRPRFA escape messages you can monitor for
----------------------------------------------

None.  Escape messages from based on functions will be re-sent.

SCNUSRPRFA Command parameters                         *CMD
-----------------------------

   USRPRF        The  user profile to be  scanned.  A  specific name, a
                 generic  name,  or  *ALL  for  all  profiles  must  be
                 specified.

   ATTR          The User  Profile attribute  to be  scanned for.   The
                 value must be one of the following:

                 USRCLS.   User class.   The scan value  must be *USER,
                 *SYSOPR, *PGMR, *SECADM, or *SECOFR.

                 DSPSGNON.   Display last signon.   The scan value must
                 be *SYSVAL, *YES, or *NO.

                 PWDCHGDAT.   Last  password  change  date.   The  scan
                 value must be a date in job date format.

                 PWDEXPINT.   Password  expiration  interval.   If  the
                 scan  value is  *SYSVAL or  *NOMAX, the  scan operator
                 must be *EQ  or *NE.   Any scan operator  may be  used
                 if a decimal value is entered between 1 and 366.

                 PWDNONE.   Password none (no  password allowed).   The
                 scan value must be *YES or *NO.

                 PRVSGNDAT.    Previous signon  date.   The  scan value
                 must be a date in job date format.

                 PWDFAIL.   Password fail  count.   This is  the  total
                 number  of  failed  attempts (not  reset  by  a  valid
                 signon).   The scan value  must be 11  or less digits.

                 LMTDEVSSN.   Limit  device sessions.   The  scan value
                 must be  *YES, *NO,  *SYSVAL,  or a  number between  0
                 and 9.

                 SPCAUT.   Special authority.   The scan value  must be
                 *ALLOBJ,    *AUDIT,   *IOSYSCFG,   *SAVSYS,   *SECADM,
                 *SERVICE, or *SPLCTL.

                 MAXSTG.   Maximum storage  allowed in  KB.   The  scan
                 value must be  *NOMAX, or a number less  than or equal
                 to 15 digits.

                 STGUSE.   Maximum storage used in KB.   The scan value
                 must be a number less than or equal to 15 digits.

                 PTYLMT.  Priority  limit.   The scan value  must be  a
                 digit between 0 and 9.

                 INLPGM.  Initial  program.  The  scan value must  be a
                 name or *NONE.

                 INLPGMLIB.   Initial program library.   The scan value
                 must be a name, *LIBL, or *CURLIB.

                 JOBD.   Job  description.   The scan  value must  be a
                 user object or QDFTJOBD.

                 JOBDLIB.   Job description  library.   The scan  value
                 must be a name, *LIBL, or *CURLIB.

                 GRPPRF.    Group  profile.    The name  of  the  group
                 profile  (if any) or  *NONE.   Supplemental groups are
                 also searched.

                 OWNER.  The owner of  new objects created by a  member
                 of a  group profile.  The  scan value must  be *USRPRF
                 or *GRPPRF.

                 GRPIND.     Group  profile   indication  (whether  the
                 profile is a group profile).   The scan value must  be
                 *YES or *NO.

                 ACGCDE.  Accounting code.   The scan value may  be any
                 value.

                 MSGQ.    Message queue.    The scan  value  must be  a
                 message  queue  (normally the  same  name as  the user
                 profile).

                 MSGQLIB.    The   library  where  the  message   queue
                 exists.  The scan value is normally QUSRSYS.

                 OUTQ.   Output  queue.   The  scan  value is  normally
                 *WRKSTN.

                 OUTQLIB.   Output queue library.   The scan value must
                 be a name, *LIBL, or *CURLIB.

                 TEXT.  Text  description.  The  scan operator must  be
                 *CT.  The  scan value should be  entered without quote
                 symbols.   It will be folded to  upper case by command
                 processing.  The text  description is folded to  upper
                 case before scanning.

                 SPCENV.   Special environment.   The  scan value  must
                 be *SYSVAL, *S36, or *NONE.

                 CURLIB.   Current library.   The scan value  must be a
                 library name or *CRTDFT.

                 INLMNU.    Initial menu.   The  scan  value must  be a
                 name or *SIGNOFF.

                 INLMNULIB.   Initial  menu library.    The scan  value
                 must be blank or a specific library name.

                 LMTCPB.   Limit  user  capabilities.   The scan  value
                 must be *YES or *NO.

                 DLVRY.    Delivery method.    The scan  value  must be
                 *NOTIFY, *HOLD, *BREAK, or *DFT.

                 SEV.   Message severity.    The lowest  severity  that
                 will  cause  an  action.   It  must  be  a  two  digit
                 number.

                 PRTDEV.   Print  device.   The  scan value  must  be a
                 name, *SYSVAL, or *WRKSTN.

                 ATNPGM.  Attention  program.  The  scan value must  be
                 a name, *NONE, *SYSVAL, or *ASSIST.

                 ATNPGMLIB.    Attention program  library.    The  scan
                 value may be a name, blank, *LIBL, or *CURLIB.

                 STATUS.   Status.  The scan value  must be *ENABLED or
                 *DISABLED.

                 KBDBUF.   Keyboard buffering.   The scan value must be
                 *SYSVAL, *YES, *NO, or *TYPEAHEAD.

                 ASTLVL.   Assistance level.   The scan  value must  be
                 *SYSVAL, *BASIC, or *INTERMED.

                 USROPT.   User  options.   The scan  operator  must be
                 *EQ.     The  scan  value  must  be  *CLKWD,  *EXPERT,
                 *ROLLKEY, *NOSTSMSG, *HELPFULL, *PRTMSG, or *NONE.

   SCNVAL        The value to be  scanned for.  Up  to 15 bytes may  be
                 entered.

                 To  scan   for  non-blank   entries  enter  '   '  and
                 SCNOPR(*NE).

                 See  the  ATTRIBUTE parameter  for what  is  valid for
                 the scan value.

   SCNOPR        The scan operator to be used.  *EQ is the default.

                 *NE, *GT,  *GE, *LT,  *LE, or  *CT (contains)  may  be
                 entered.   Non-meaningful functions  such as  scanning
                 the  PWDNONE  attribute (supports  only  *YES or  *NO)
                 for  a scan operator other  than *EQ/*NE are rejected.

   REFRESH       An  option  to  determine  if  the  DSPUSRPRF  OUTFILE
                 function is  used to refresh the TAASECKP  file in the
                 TAASECURE  library.  The  default is  *YES meaning the
                 file will be refreshed.

                 *DAYCHG may  be specified  which means  the file  will
                 be  refreshed if  the last  time the  file was  output
                 was  on a  different day.    *DAYCHG assumes  that you
                 are using the command repeatedly  on the same day  and
                 do not want to keep refreshing the information.

                 *NO may  be specified to  use the  existing data.   If
                 no data exists, the file is output.

   OUTPUT        How  to  output the  results.   *  is  the default  to
                 display  the spooled  file if  the command  is entered
                 interactively.  The spooled  file is deleted after  it
                 is displayed.

                 If  the  command is  entered  in  batch  or *PRINT  is
                 specified,  the spooled  file is output  and retained.


Restrictions
------------

You must have *ALLOBJ special authority to use SCNUSRPRFA.

Prerequisites
-------------

The following TAA Tools must be on your system:

     CHKALLOBJ       Check *ALLOBJ special authority
     CHKGENERC       Check generic
     RTVVALA         Retrieve value attributes
     RTVSYSVAL3      Retrieve system value 3
     SNDCOMPMSG      Send completion message
     SNDESCINF       Send escape information
     SNDESCMSG       Send escape message
     SNDSTSMSG       Send status message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   SCNUSRPRFA    *CMD                   TAASEIF       QATTCMD
   TAASEIFC      *PGM       CLP         TAASEIFC      QATTCL
   TAASEIFR      *PGM       RPG         TAASEIFR      QATTRPG

Added to TAA Productivity tools October 15, 2009

Home Page

Up to Top