IBM Power Systems

IBM Power Systems

About This Blog

Warm wishes and welcome to all AS400 Administrators and Operators.



This is exclusive blog for iSeries system Administrators working anywhere in the world. Also a place for guys and gals who want to share knowledge pertaining to iSeries. This blog has been designed for exchanging knowledge on AS400 or iSeries server administration and operations.



Wednesday, June 30, 2010

Displaying Previous Sign-On Information

When the QDSPSGNINF is set to one, the Previous Signon Date and Time is displayed correctly when using Client Access connectivity. The last date/time of signon for the user profile is updated when the security API is called to verify a positive indicator and also updates the user profile. If the password is good for the ID provided, the API returns a positive indicator and also updates the user profile. There is no implication that this sign-on was for an interactive job.

The Signon Server for Client Access (for APPC and Sockets) calls the security API. Other products (such as an OEM emulator) may not call the security API, for example, Telnet from the DOS prompt. In addition, the PCOMM product (not the emulator shipped with Client Access) goes straight to the Telnet server and will not go through the Client Access Signon Server.

The Client Access Signon Server is used for a specific reason. If the Client Access user is running Data Transfer or RMTCMD, security must verify a user ID and password, and that would be a previous signon. The term signon means the last time a user ID and password were verified but not necessarily when a an interactive job was started. Client Access has a suite of functions that do not use a interactive job. In that case, the Client Access Signon Server is used to verify that the user ID and password are correct. Therefore, the date and time stamps for the user profile reflects the previous time that the user ID and password were checked rather than only the last time that an interactive job was started. This is working as designed and is not a defect.

As long as the same user ID and password are used for the Client Access sign-on and again later at the time the interactive job is started, you will see where the date and time stamps are correct for the previous sign-on. We understand that, in some cases, this information may not mean much. But, the last time that the password was verified and the user attempted any type of signon is always the date listed. This occurs when starting Client Access for the first time or when closing a Client Access connection and the user is prompted for the AS/400 sign-on information.

No comments:

Post a Comment