How can I automatically assign an object owner to user profiles recreated from the UPM archive? (NETIQKB51246)

  • 7751246
  • 02-Feb-2007
  • 12-Jun-2007

Resolution

goal
How can I automatically assign an object owner to user profiles recreated from the UPM archive?

goal
Can I assign the object owner of a reactivated user profile to a user other than QSECOFR?

fact
PSSecure 7.5

fact
PSSecure 8.0

fact
PSSecure 8.0 Profile & Password Management

fact
PSSecure 8.0

fact
VigilEnt Security Agent for PSSecure 7.5

fact
VigilEnt Security Agent for iSeries 7.5

fact
NetIQ Security Solutions for iSeries 8.0

fix

Follow the instructions below to implement a program to automatically assign an object owner to user profiles recreated from the UPM archive. When implementing this program you can specify a user profile other than QSECOFR to own user profile objects.

To automatically assign an object owner to a recreated user profile:

  1. Save the attached file to the root directory of the local drive (C:\) on your PC.

    https://download.netiq.com/kb/files/CHGUPOWN.txt

  2. Copy the file from the PC to the iSeries using FTP:
    1. Open a new DOS or command window.
    2. Type the following command where servername is the name or IP address of your iSeries server and press Enter.

      FTP servername

    3. Type a user ID at the FTP prompt, and press Enter.
    4. Type the associated password at the FTP prompt, and press Enter.
    5. Type the following commands, pressing Enter after each:

      put c:\CHGUPOWN.txt QGPL/QCLSRC.CHGUPOWN

      quit

  3. From the iSeries server command line, type the following commands, pressing Enter after each:

    CHGPFM FILE(QGPL/QCLSRC) MBR(CHGUPOWN) SRCTYPE(CLP) TEXT('Change Owner of User Profile')

    CRTCLPGM QGPL/CHGUPOWN QGPL/QCLSRC ALWRTVSRC(*NO) AUT(*EXCLUDE)

    CHGPGM QGPL/CHGUPOWN USRPRF(*OWNER) USEADPAUT(*YES) RMVOBS(*ALL)

    CHGOBJOWN QGPL/CHGUPOWN *PGM NEWOWN(PSOBJOWNS)

    GRTOBJAUT OBJ(QGPL/CHGUPOWN) OBJTYPE(*PGM) REFOBJ(PSSECURE/ZPCL47)

    CRTDTAARA DTAARA(QGPL/ZPCRTP0100) TYPE(*CHAR) LEN(10) VALUE('CHGUPOWN') AUT(*EXCLUDE) TEXT('Called from QIBM_QSY_CRT_PROFILE/CRTP0100')

    DSPDTAARA PSSECURE/ZPDFTOWNER OUTPUT(*PRINT) /* print current value before changing */

    CHGDTAARA DTAARA(PSSECURE/ZPDFTOWNER (01 10)) VALUE(QSECOFR)

    Note: You can specify another user profile instead of QSECOFR to own user profile objects.

  4. If user profile PENTAZP does not exist, configure PPM Profile and Password Synchronization even though it will not be used for synchronization. To access the Profile and Password Management Profile Synchronizer Installation screen, from PSMENU, select options 2, 2, 2, and 8.

  5. If you are not currently using PPM Profile and Password Synchronization, disable synchronization by performing the following steps:
    1. Access the Profile and Password Management Profile Synchronizer Defaults screen from PSMENU by selecting options 2, 2, 2, and 4.
    2. Specify N for the following fields, and then press Enter:
      • Receive and apply profile changes
      • Send user profile changes
      • Receive and apply password changes
      • Send password changes
  6. Add user profile exit programs. To access the Add User Profile Exit Programs screen, from PSMENU, select options 2, 2, 2, and 10.


Additional Information

Formerly known as NETIQKB51246