5 replies Latest Post - ‏2012-03-21T16:24:26Z by QSECOFR
4 Posts

Pinned topic DST

‏2012-01-12T22:57:34Z |
I have been drafted as the resident AS/400 expert. My experience is mainly with maintaining them
(passwords, queues, WORKACTJOB, etc). This particular unit has been out of service for awhile.

The current need is to access the system and recover data stored on the box.
Of course, no one remembers any passwords to any of the system accounts (QSECOFR, etc).

I'm trying to access DST, but I've run into a problem.

There is no function 21 available on the panel display.
Cycling thru them, I'm presented multiple options (01, 02, 20, etc.)
but no Function 21. This is true in M (manual) mode and in N (normal) modes.

Any suggestions as to what I'm missing?

I have a console (PC via serial cable) that does give me a console
on QCTL, as DSP01. During bootup, I can see it do its loading, etc.
I am also presented with a login screen, so again, I know I'm talking
to the 400 via console cable and its working in all of its 115.2 glory..;)

So I know I have a working console, but without being able to access
function 21 on the panel, I'm not sure of how else I can reset QSECOFR.

Thoughts? Ideas? Addresses to send bribes to? :)

Any help is appreciated. I've been in IT for 25+ years, but
never really dug this deeply into OS400. I dont mind RTFM, but
a little direction would be greatly appreciated.

Updated on 2012-03-21T16:24:26Z at 2012-03-21T16:24:26Z by QSECOFR
  • RahnV
    4 Posts

    Re: DST

    ‏2012-01-13T14:03:15Z  in response to RahnV
    Well, 1 problem down, and another created.

    To access function 21, I had to boot into normal mode, then change the display panel to M<
    then function 21 appeared. It brought up the DST interface and I was able to login using
    Service acct: 11111111.

    The problem now is whatever moron setup this server, has revoked permissions on 11111111,
    so I can't reset the security on QSECOFR. They've changed the password on 22222222,
    so I cant use it to login to DST with..

    GAH.. stupid better mousetrap builders..
    • RahnV
      4 Posts

      Re: DST

      ‏2012-01-13T14:50:03Z  in response to RahnV
      So to recap:

      This is an AS/400 that was managed by the "helpful" people @ HMS.

      As it stands now, they've changed ALL the passwords for DST accounts, excepting
      the crippled 11111111 account. Of course, the 11111111 DST account is crippled
      to the point of useless. If I see "The user cannot perform the option selected"
      one more time, I'm going to scream.

      DST: QSRV/QSECOFR/22222222 are all disabled.

      Interactive Accounts: QSECOFR is disabled and password is unknown.

      Any suggestions?.. is this thing on?...tap..tap...
      • EmmanuelW
        1 Post

        Re: DST

        ‏2012-01-13T17:09:48Z  in response to RahnV
        I believe that you should be able to do a slip install of the LIC/OS, which will restore the default values for the system passwords, while maintaining the user contents of your DASD.

        Details here:

        (see Replacing Licensed Internal Code and i5/OS of the same version and release, then Replacing software of the same release using manual installation)


        • RahnV
          4 Posts

          Re: DST

          ‏2012-01-13T17:19:18Z  in response to EmmanuelW
          Thanks for the reply.

          I think I'm stuck with a slip/reload.

          I managed to get into QSRV, but they've revoked QSRVs access to reset security.. facepalm..

          Thanks again for the post.. Reading up on how I'm likely spending my weekend...
        • QSECOFR
          55 Posts

          Re: DST

          ‏2012-03-21T16:24:26Z  in response to EmmanuelW
          Thanks for the reply, but just wanted to mention that "security" type items such as passwords and system values are not replaced with a slip install since it would be a way to get around security (especially with remote virtual installs now).

          If they do not have any of the OS secofr authority or DST QSECOFR password, then scratch/install is the only option.