Print Profile Internals (PRTPRFINT)
|Where allowed to run: All environments (*ALL)
The Print Profile Internals (PRTPRFINT) command allows you to print a report containing information on the number of entries contained in a user profile (*USRPRF) object. The number of entries in the user profile determines the size of the user profile.
Four types of entries can be found in a user profile:
- Owned objects
- For every object a user profile owns, an "owned objects" entry exists in that user's profile (*USRPRF).
- Private authorities
- For every private authority a user is granted, a "private authority" entry exists in that user's profile (*USRPRF).
- Authorized objects
- For every user that is granted a private authority to an object a profile owns, an "authorized object" entry exists in the object owner's profile (*USRPRF).
- Primary group authorities
- For every object for which a user is the primary group, a "primary group" entry exists in that user's profile (*USRPRF).
Each entry in the user profile causes the user profile (*USRPRF) object to grow. The combination of all of the entries determines the size of the user profile. A user profile (*USRPRF) can contain approximately 50 million entries for objects in the system auxiliary storage pool plus an additional 50 million entries for each independent auxiliary storage pool which is varied on that the profile owns objects on, has private authority to objects on, or is the primary group profile of objects on it. A user profile can not exceed 50 million entries for the objects on any single auxiliary storage pool.
You can also think of the total number of entries as determining how "full" a user profile is. The report produced by this command shows how full the user profile is by giving a percentage (rather than giving the actual number of entries in the profile.) The report also gives a percentage for each of the four types of entries in the *USRPRF. Note: In the report, the total percentage full for a profile can be greater than 100% due to rounding.
You can choose to run this report for all user profiles, a subset of profiles, a specific profile or all profiles that are at least a specified percentage full. For example, you can run the report for the CJW profile or you can run the report for all profiles that are at least 99.90% full.
Note: If your system has any independent auxiliary storage pools varied on, then the percentages produced by this report may not be what you expect. The percentage is computed for each profile based on the total number of entries used divided by the total number of entries available to that specific profile. The total number of entries available to each profile may not be the same depending on whether the profile has entries for any object on a varied on independent auxiliary storage pool. For example, if the system has two varied on independent auxiliary storage pools and profile TESTUSER1 only has entries for objects on one of them, then the total number of entries available for TESTUSER1 is 100 million. If profile TESTUSER2 has entries for objects on both of the independent auxiliary pools, then the total number of entries available for TESTUSER2 is 150 million. However, if both of the independent auxiliary storage pools are varied off, then the total number of entries available for profiles TESTUSER1 and TESTUSER2 is 50 million.
Recommendations to avoid profiles becoming full:
- Do not have one profile own everything on your system. For example, have each application be owned by its own profile.
- Do not use IBM-supplied profiles, such as QSECOFR and QPGMR, as owners of your application. As shipped from IBM, they already own many objects and can become full when they also own user (non-IBM) objects.
- If you are granting private authorities to many objects for several users, you should consider using an authorization list to secure the objects. Authorization lists will cause one private authority entry for the authorization list in the user's profile rather than one private authority entry for each object. In the object owner's profile, authorization lists will cause an authorized object entry for every user granted authority to the authorization list rather than an authorized object entry for every object multiplied by the number of users granted the private authority.
Authorization lists are especially useful if you are granting private authorities to files. Files are complex objects. For complex objects, you get an entry for each piece of the object. For example, in a file owner's profile, you have an ownership entry for each piece of the file, including an entry or two for each member. (Physical files have two entries per member.) If you grant a private authority to ten users and the file has 50 members, the result will be 100 authorized object entries in the file owner's profile. With an authorization list, the ownership entries will remain the same, but the authorized object entries will be reduced to one for each user granted authority to the authorization list securing the file.
Do not confuse the percentage full of a user profile with the maximum storage (MAXSTG) that a user profile can own. They are two different concepts.
Restriction: You must have all object (*ALLOBJ) special authority to run this command.
|SELECT||Select by||*USRPRF, *PCTFULL||Optional|
|USRPRF||User profile||Qualifier list||Optional|
|Qualifier 1: User profile||Generic name, name, *ALL|
|PCTFULL||Percent full||0.01-100.0, 99.90||Optional|
Select by (SELECT)
Specifies what criteria is used to select the user profiles to include in the report.
- User profiles are selected for the report based on the profile name specified for the USRPRF parameter.
- User profiles are selected for the report based on the value specified for the PCTFULL parameter.
User profile (USRPRF)
If *USRPRF was specified for the Select by (SELECT) parameter, you must specify the user profiles to be included in the report.
- All user profiles will be included in the report.
- The name of the user profile to be included in the report.
- The generic name of the user profile to be included in the report. A generic name is a character string of one or more characters followed by an asterisk (*).
Percent full (PCTFULL)
If *PCTFULL was specified for the Select by (SELECT) parameter, you must enter a value which will be used as the percentage full. User profiles that are at least as full as the percentage specified on this parameter will be included in the report. The value specified must be between 0.01 and 100.00.
- User profiles that are at least 99.9 percent filled with entries will be included in the report.
- A value, ranging from 0.01 through 100.00, for the percent full selection value.
PRTPRFINT SELECT(*PCTFULL) PCTFULL(99.00)
This command prints a report of user profile internal information for all of the user profiles that are at least 99 percent full.
- User does not have required special authorities.
- Command &1 in use in another job.