I'm trying to figure out a way to test all user profiles to make sure the user profile does not match the password, e.g. USERID = QSECOFR Password = QSECOFR. I've explored various API's and functions, and cannot find a way to do this programically. We have several thousand userid's, so to do this manually will take some time. This request came from our auditors by the way. Anyone have any ideas on how to accomplish this task?
Unconfigured Ad Widget
Collapse
Announcement
Collapse
No announcement yet.
Dup Passwords
Collapse
X
-
Dup Passwords
Jim, Have a look at menu SECTOOLS - option 1: Analyze default passwords (ANZDFTPWD)will do exactly what you want. If you want to write your own program to do the check the security API QSYGETPH (Get profile handle), which allows for password validation - be sure to read the documentation carefully though; there are a couple of things to take into consideration (authority required, possible user profile disabling, etc.). Best regards, Carsten Flensburg
Comment