How do I know if the user profiles displayed in the Crt, Chg, Restore of User Profiles report adopte (NETIQKB46944)

  • Document ID:7746944
  • Creation Date:02-Feb-2007
  • Modified Date:08-Oct-2007
    • Micro Focus Products:
      Security Solutions for iSeries

Resolution

goal
How do I know if the user profiles displayed in the Crt, Chg, Restore of User Profiles report adopted authority?

goal
How do I add a Job User Column to the Crt, Chg, Restore of User Profiles report?

goal
How can I display which user profile created, changed, or restored another user profile?

fact
VigilEnt Security Agent for iSeries

fact
System Auditing and Reporting (SAR)

fact
NetIQ Security Solutions for iSeries

fact
VigilEnt Security Agent for iSeries

fact
VigilEnt Security Agent for PSAudit 7.5

fact
NetIQ Security Solutions for iSeries 8.0

fact
PSAudit 8.0

fact
PSAudit 8.0 System Auditing and Reporting

fix

The PSAudit Crt, Chg, Restore of User Profiles report displays all new, changed, and restored user profiles. You can use this report to display which user's authority made these changes.

The Changed by User field of this report does not display whether the user profile adopted authority to perform the listed actions. Displaying the user profile from where actions originated allows you to see whether user profiles are adopting authority to create, change, or restore user profiles on your server.

To display the user profiles from where the change requests originated, you can add a Job User field to the Crt, Chg, Restore of User Profiles report. This column displays which user profile owned the job that issued the change to the profile. Comparing the value in the Job User field to the value in the Changed by User field allows you to see if a user profile is adopting authority when creating, changing or restoring user profiles.

To add a Job User column to the Crt, Chg, Restore of User Profiles report:

  1. Run the Crt, Chg, Restore of User Profiles report interactively.
  2. From a command line, type WRKQRY and press Enter.
  3. In the Option field, type 2 (Change) and press Tab.
  4. Type AAQYCP and press Tab.
  5. Type PSAUDIT and press Enter.
  6. Type 1 in the Opt field to the left of Select and sequence fields and press Enter.
  7. Press F11 to see the Seq, Field and Text columns.
  8. Press Page Down twice.
  9. Type 250 in the SEQ field for CPUSER and press Enter.
  10. Press Enter.
  11. Ensure Save definition is set to Y and Run option is set to 3.
  12. Press Enter.
  13. Press F3.
  14. Press F12.

    note
    Please note that an upgrade of VigilEnt Security Agent for iSeries changes the AAQYCP query back to its default values. To save the changes made to this report, backup the AAQYCP query file to a different library prior to the upgrade. When the upgrade is complete, replace the new AAQYCP file with the modified file.

    note
    Please note that you can use this KB article to modify the query only if you have iSeries Query installed. iSeries Query is licensed program "5722QU1."

Additional Information

Formerly known as NETIQKB46944