Visible passwords

cnc__guy

cnc__guy

Well Known Member
JDE List,

Is there a way in an OneWorld implementation using an AS/400 as the ES to
keep from having the password visible when running the RUNUBE command in a
CL?

Thanks,
James


James A. Wilson
Technical - CNC

OW B73.3.3 Xe SP17 Update 3
ES - AS/400 V5R1 LPARs
DB2/400
Citrix MetaFrame
 
Set this in your INI file on the AS/400

Security]
ServerPswdFile=True

Cleola Isaacs
CNC Administrator/Network Analyst
Xe Update 2 SP 16
Enterprise AS/400
WTS NT 4.0
 
James,

I use the RUNUBE in a CL. I tried to put the id & password in a data area
and pass it through parameters but it put quotes around it and errored out.
I have secured my library so no one will know my password... If anyone out
there knows how to make the data area and passing parameters work I'd sure
appreciate it.

You could also just secure the CL file you're using, whether it's qclsrc or
? Just put security on it. Then run the UBE's through CL...

:)


Lori
OW Xe SP16 Update 2
AS400 V5R1 NT
Citrix
email: [email protected]
 
Unfortunately, the password field is easily viewed by anyone that can:
1) view your CL source
2) retrieve souce from the CLP (assuming compile option ALWRTVSRC = *YES)
3) display the active job log while the job is running (batch or interactive)

Since we are heavy users of the RUNUBE command, this is a sore point for us.


Brent Husband
OneWorldXe - B73.3.3 SP13, AS/400 V4R5
 
Brent,

The joblogs here don't show my password. I run mine on the scheduler in the
middle of the night and rarely is anyone on the 400 besides me. When I was
testing I noticed that my password didn't show up either--I was worried
about that. I would think that if you'd secure that source file that no one
could retrieve the source--unless of course they have *allobj authority...
I have secured mine. I'm sure it is a sore issue, security is very
important everywhere.

I'm on V5R1, I don't know if that makes any difference or not...

Good Luck!






Lori
OW Xe SP16 Update 2
AS400 V5R1 NT
Citrix
email: [email protected]
 
I'm note sure I follow...how does this setting hide passwords in the RUNUBE command?

Dave

Manager, IT Infrastructure and CNC Support
AS/400 V4R5 - OneWorld XE Update 1, SP 17
 
What we've done is create a RUNUBE user so that no developer has his or her
password exposed and the RUNUBE user has only enough authority to run the
necessary applications. Not exactly secure but better than nothing. If
someone does know how to close this security gap, I'd love to be in on the
secret.

Darrell

AS/400 V4R4 730/8-way O/W B7332 sp11.3
 
Back
Top