With this description:

> I can get into DST or SST via '22222222', but that user doesn't have 
> authority to re-enable the QSECOFR profile. (In fact, no other profile

> appears when you go to that option.) There are no other SECOFR users 
> defined in DST.

Leads me to believe the parm in this screen (option 7 off STRSST)

Allow a service tools user ID with a                          
 default and expired password to change                       
 its own password . . . . . . . . . . . . . .  1  1=Yes, 2=No 

Is set to 2.  Which means an IPL would be required in manual mode in
order to make the appropriate changes, and to be allowed to sign on with
a default, expired password.

Yes / no / maybe?

Justin C. Haase - iSeries System Administrator
IBM Certified Systems Expert - eServer i5
Kingland Systems Corporation
email - justin.haase@xxxxxxxxxxxx
 

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steve Richter
Sent: Monday, May 02, 2005 1:02 PM
To: Midrange Systems Technical Discussion
Subject: Re: DST/SST woes

On 5/2/05, Haase, Justin C. <justin.haase@xxxxxxxxxxxx> wrote:
> You just need to IPL to DST (manual mode IPL) _after_ doing the 
> CHGDSTPWD.  The new QSECOFR password will be case-senstive QSECOFR.
> Then make sure if you want to be able to do this without a manual IPL 
> next time to change the security setting in DST (not sure of exact 
> option number) to allow users to change an expired password with the 
> system running.

I dont think you need to IPL to complete the password change.  running
STRSST will start the process just as the manual ipl will.  Here are my
notes on the topic:

In the event of "dst profile is expired" or "profile disabled", do the
following:
- chgdstpwd *default
- strsst
- when prompted for dst user name and password, press f9 to change the
password
- change the password.  the current password value is case sensitive, so
if "qsecofr" does not work, enter "QSECOFR".

-Steve


CONFIDENTIALITY NOTICE:  This e-mail communication, including attachments, is 
covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is 
confidential, and may be legally privileged.  If you are not the intended 
recipient or believe you received this communication in error, please reply to 
the sender indicating that fact and delete the copy you received.  In addition, 
retention, dissemination, distribution, copying, or otherwise use of the 
information contained in this communication is strictly prohibited.  Thank you.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.