How to remove user profiles from the system that no longer exist (NETIQKB39769)

  • 7739769
  • 02-Feb-2007
  • 24-Apr-2015

Environment

NetIQ Security Solutions for iSeries 8.1
NetIQ Security Solutions for iSeries 8.0
VigilEnt Security Agent for iSeries 7.5
PSSecure
Remote Request Management (RRM)

Situation

The "Work With Users" list in RRM includes profiles that have been deleted from my system.
How to remove user profiles from the system  that no longer exist.

Is there a way to clean up old user profiles from RRM?

Resolution

The Delete User NW0080B API removes user profiles from RRM in the following tables/menu options (Menu options begin with PSMENU):

  • Groups and members (2,3,3,1)
  • Secured Entries (2,3,1)
  • Object authorities (2,3,4)
  • Networks, Users, Functions, Groups (2,3,3,2)
  • User/Server Overrides (2,3,6)
  • User Object Action (Overrides) (2,3,7)

The API allows you to delete user profiles from RRM. The required parameters are as follows (Parameter is User Profile - 10 Characters):

  • CALL  PGM(PSCOMMON/NW0080B)  PARM('usrprf    ')

 OR

  • CALL  PGM(PSCOMMON/NW0080B)  PARM('*ALL      ')

*NOTE the value in the PARM must be 10 characters long, including spaces.

If a specific user id is specified, that ID will be deleted from the RRM files (all environments). No check is made to see if the specified user id has a corresponding *USRPRF object.


If *ALL is specified for the user id, all RRM user entries are selected and checked for corresponding *USRPRF objects.  If *USRPRF object does not exist, the user id is removed from the secured entries table and all associated tables (groups, overrides, remote object authorities). 


When complete, the deleted users will be gone from all environments.  User profile objects (*USRPRF) are not deleted, only the RRM user profiles and their related RRM entries.
Neither Collected Entries nor RRM journal entries are affected.  Auditing of the changes is done through existing trigger programs on the files.

 



Additional Information

Formerly known as NETIQKB39769