Rick - OK, I'm confused . . . if you don't want them to have access, don't give them a user profile! Or are you trying to prevent access via the Internet but allow access through the local LAN/WAN? Steve
No, its not quite that simple. We do not want any of our existing users to remotely access our 400. For example, they go home and start a telnet session. They already have an ID and PW. I guess we want to be able to have a "filter" only allowing certain users access.
Rick - You will have a hard time correlating users and IP addresses before the user signs onto your system since you can't match user and IP address (EX: I could be at 10.10.10.1 one day and 10.10.10.100 the next depending on the address assigned by my ISP if I have a dial-up connection.) You could interogate the IP address of the user's device using the QDCRDEVD API in an initial program and boot them back to a sign-on screen if they don't match your allowed users. HTH, Steve
I think you should look at exit program. This way you can control who is allowed to login. Unfortunatly, with the internet, security is a big issu so you may want to use some form of encryption to protect the user id and password that are send in clear text if not encrypted.
We are considering allowing internet access to the AS/400. We understanding the network technologies,firewalls, etc. Where we are finding difficulties is with the AS/400 and how to allow only certain users access via pass-thrus and workstations. We have looked into QRMTSIGN, its settings, and program. We are thinking the program option may be the way to do it and have found a modifiable sample of such. We simply are not sure what to do: is this the right approach or is there another way. Anyone who has been thru this---we would appreciate you advice! Thanks!