Skip to main content  
        iSeries home   |   Easy400  
Freeware
 
 Introduction
 
 Terminal operation
 Browser operation
 
 Download
 
 
Password Reset Utility - Terminal operation
 

This page is related to a scenario where users are connected to the IBMi box via 5250 green-screen workstations, via TELNET, or via WEB Terminal Emulator.

Summary

  1. First of all you must logon with a user profile having *SECADM special authority and enter command PWDSERVE. This command submits a non-ending batch job that will take care of updating a user profile when an user logs on with the assigned temporary password (see step 4 below).
  2. Use command PWDRESET to reset the password of a given user profile. The password is automatically assigned and returned to you.
  3. Communicate the new password to the owner of the user profile.
  4. As soon as the owner of the user profile signs on, he will be requested to change his password (One Time Password, OTP, see this page).
    This is done from command PWDRESET by changing the initial program of the user profile. The original initial program will be restored as soon as the user changes his password.

Command PWDSERVE

This command requires a user profile having *SECADM special authority.
It submits to job queue QSYSNOMAX a non-ending job, named PWDSERVE. This job executes under the user profile of the submitting job. Therefore, it is able to change user profiles.

The following describes the scope of this job.
  • This utility provides a tool (command PWDRESET, see next) which forces the initial program of a user profile to ask for a new password.
  • On sign-on, the user is requested to provide a new password. Once the user has entered the new password, the job is ended. Meanwhile, the new password gets in control of the PWDSERVE job, which updates the user profile as follow:
    • the new password replaces the current one
    • the initial program is set back to its original value.
Note - If the PWDSERVE job is already active, command PWDRESET has no effect.

Command PWDRESET

Also this command requires a user profile having *SECADM special authority.

                        Reset user profile password (PWDRESET)
Type choices, press Enter.
User profile . . . . . . . . . . USRPRF ABC Name Length of the new password . . . PWDLEN 8 5-10 User e-mail address . . . . . . EMAIL jdooley@gmail.com
Figure 1 - Command PWDRESET
Use this command to reset the password and the initial program of a given user profile.
  • The new password is automatically assigned, has the length specified in paramer PWDLEN, and is returned on the Command Entry screen as soon as the command ends.
  • The new initial program is a program from this utility (see Figure2) which asks the user to enter a new password.
Note - Parameter EMAIL is the e-mail address of the user profile. If library MMAIL and command MMAIL/EMLPTUMSG are available, a message with the new password will be sent to this e-mail address.

User sign on

When the user signs on, the following screen appears:

Figure 2 - When user sign on
As soon as the user enters his new password,
  • The program sends some data to the batch PWDSERVE job.
  • The PWDSERVE job updates the user profile by changing the password and setting back the initial program to its original value (before command PWDRESET)
  • The PWDSERVE jobs sends an acknowledgment to the interactive program.
  • The interactive program signs off.


previous page
next page