Locking Out Users

daveschultz

Well Known Member
We have times where we need to lock out all user except for a small group. Currently to do this I am using SQL on the F0093 to remove the PD environment from all of the roles that need to be locked out. Just wondering if others have this and if they handle it a different way.

Thanks

Dave
E900, Tools 9.1.0.4
 
This is likely the easiest thing to do but instead of removing an environmne tjust change the name from PD910 to PDXXX. Makes it easier to switch back.

You can use SQL or create a TC to do the change for you.
 
Dave,

There are two ways I do this. One way is to shut down web access. Generally the people who need access do so via a fat client and those who need to be locked out only access JDE from the web.

The other way is to use the SQL below to disable users in the F98OWSEC. I use the column SCSECTPE to store a flag that indicates which rows were changed. SCSECTPE is not used in our system. It is blank for all rows and doesn't change.

UPDATE SY910.F98OWSEC -- for E910
SET SCEUSER = '02', SCSECTPE = 'DIS'
WHERE SCEUSER = '01'
AND NOT SCUSER IN ('EXCEPT01','EXCEPT02','EXCEPT03') -- User Exceptions
AND NOT SCUSER IN (SELECT ULUSER FROM SY910.F0092 WHERE ULUSER = SCUSER AND ULUGRP IN ('EXCPTROLE1', 'EXCPTROLE2', 'EXCPTROLE3'))) -- Role Exceptions

To re-enable users I use the following SQL:

UPDATE SY910.F98OWSEC -- for E910
SET SCEUSER = '01', SCSECTPE = ' '
WHERE SCSECTPE = 'DIS'
 

Similar threads

E9.2 How do I block access to security for all users?
Replies
5
Views
2K
Harry Chen
E9.2 REST vs SOAP APIs in 9.2
Replies
2
Views
521
alfredorz
alfredorz
alfredorz
E9.2 IBM Db2 exception value out of range
Replies
4
Views
439
alfredorz
alfredorz
E9.2 Multiple JDE Environments to support JDE module testing.
Replies
4
Views
1K
Larry_Jones
Larry_Jones
E9.2 Best way to find correct role for user?
Replies
1
Views
905
JMR
Back
Top