|
midrange-l-request@xxxxxxxxxxxx wrote: > 3. RE: User profile question (Ron-Zimmerman) > >For Rob's sign-on scenario, why not modify the sign-on screen to hide or >protect the menu and program fields? That is not a hard change, and it >takes this security risk away. > >Everywhere I have worked, the sign-on screen has been modified so that the >user is only allowed to enter their ID and password. It's less confusing >for the users and gives better control over the sign-on so they don't get >into something where they don't belong. Ron: It can certainly be valuable to customize the signon panel. However, this should be considered to be a security mechanism (other than displaying notices or simplifying for users, etc.) Consider a possibility such as: ==> telnet myas400 rmtuser(RONZ) rmtpwd(RonZPwd) rmtinlpgm(QCMD) This can be run on a command-line on MYAS400 to telnet back into MYAS400 for a test. When bypassing the signon panel (which can be a far better security mechanism since passwords can be encrypted rather than sending in clear-text), the signon panel is irrelevant. This form of telnet (client) has been available under OS/400 since V5R1. It is supported by clients such as iSeries Access emulation when 'bypass-signon' is used. Other emulation clients also allow it, though I don't have a useful list handy. (Server settings such as QRMTSIGN, exit programs, etc., can modify this behavior.) Tom Liotta
This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
