Is there a report that will show what AS/400 command defaults have been changed?
How do I determine which operating command defaults have changed?
NetIQ Security Solutions for iSeries 8.0
VigilEnt Security Agent for iSeries 7.5
To list operating system commands that have changed, you can run the Changed Objects Report (from PSMENU take options 1, 1, 5, and 7) and create a filter for commands in QSYS. This displays any recent changes to the commands. Please note that this report uses QAUDJRNÂ journal receivers for input and will only cover the date and time range that the receivers on your system will allow.
To list operating system commands that have changed based on ODAPAR field in the object description, issue the following commands from an iSeries command line pressing Enter after each. This report is not dependent uponÂ QAUDJRN andÂ triggers upon theÂ ODAPAR field in the object description.
DSPOBJD OBJ(QSYS/*ALL) OBJTYPE(*CMD) DETAIL(*FULL) OUTPUT(*OUTFILE) OUTFILE(QTEMP/COMMANDS)
PSRUNSQL REQUEST('SELECT * FROM qtemp/commands WHERE ODAPAR = ''CHGDFT''') OUTPUT(*PRINT)
When CHGCMDDFT is run, the ODAPAR field is updated in the object description with the value
CHGDFT. This can be seen with DSPOBJD using the Service option for the information labeled
APAR ID. If a mistake was made and the default was put back to its original value, the object description still indicates
For system supplied commands, the use of CHGCMDDFT also changes the field ODUMOD to
1 indicating a user change has been made. For user commands, ODUMOD is always set to
1 when a command is created. The value for ODUMOD can be seen with the Service information with the information labeled
For system supplied commands, it does not appear that there is any method for the user to change the ODAPAR value. If a PTF was applied that affected the command, the CHGDFT information would probably be lost.
For user commands, the ODAPAR value can be changed by the QLICOBJD API to any value desired.
The reason a system supplied command cannot be changed by the API is that the API supports an option that will prevent any further changes using the API. After a command (or any object) is created, you can run the API to state that the API cannot be used again. The option that
Allows a QLICOBJD change cannot be seen with DSPOBJD, but the outfile field ODAAPI describes the setting. If you use CRTDUPOBJ to create a duplicate of a command, it retains the setting of the ODAAPI value.