Print Profile Internals (PRTPRFINT)
|Where allowed to run: All environments (*ALL)
The Print Profile Internals (PRTPRFINT) command allows you to print a report containing information on the number of entries contained in a user profile (*USRPRF) object on each auxiliary storage pool (ASP). The number of entries in the user profile determines the size of the user profile.
Four types of entries can be found in a user profile. These entries exist in the *USRPRF object for the system ASP and all basic user ASPs (*SYSBAS) and in the user profile extension object on each independent ASP (IASP):
- Owned object entries
- For every object a user profile owns in *SYSBAS or on each IASP, an owned object entry exists.
- Private authority entries
- For every private authority a user is granted to an object in *SYSBAS or to an object on an IASP, a private authority entry exists.
- Authorized user entries
- For every user that is granted a private authority to an object a profile owns in *SYSBAS or on each IASP, an authorized user entry exists.
- Primary group entries
- For every object in *SYSBAS or on each IASP for which a user is the primary group, a primary group entry exists.
Each entry in the user profile causes the user profile (*USRPRF) object to grow. The combination of all of the entries determines the size of the user profile. There is a limit to the number of entries a user profile can contain for objects in *SYSBAS, and a limit for the number of entries a user profile can contain for objects on each IASP that is varied on. A user profile cannot exceed the limit of entries for the objects in *SYSBAS or on any IASP. For the maximum number of entries a profile can contain, refer to the Maximum capacities topic in the Availability category in the IBM i documentation.
You can also think of the total number of entries as determining how "full" a user profile is. The report produced by this command shows how full the user profile is by giving a percentage (rather than giving the actual number of entries in the profile.) The report also gives a percentage for each of the four types of entries in the *USRPRF. Note: In the report, the total percentage full for a profile can be greater than 100% due to rounding.
You can choose to run this report for all user profiles, a subset of profiles, a specific profile or all profiles that are at least a specified percentage full. For example, you can run the report for the CJW profile or you can run the report for all profiles that are at least 89.90% full.
Recommendations to avoid profiles becoming full:
- Do not have one profile own everything on your system. For example, have each application be owned by its own profile.
- Do not use IBM-supplied profiles, such as QSECOFR and QPGMR, as owners of your application. As shipped from IBM, they already own many objects and can become full when they also own user (non-IBM) objects.
- If you are granting private authorities to many objects for several users, you should consider using an authorization list to secure the objects. Authorization lists will cause one private authority entry for the authorization list in the user's profile rather than one private authority entry for each object. In the object owner's profile, authorization lists will cause an authorized object entry for every user granted authority to the authorization list rather than an authorized object entry for every object multiplied by the number of users granted the private authority.
Authorization lists are especially useful if you are granting private authorities to files. Files are complex objects. For complex objects, you get an entry for each piece of the object. For example, in a file owner's profile, you have an ownership entry for each piece of the file, including an entry or two for each member. (Physical files have two entries per member.) If you grant a private authority to ten users and the file has 50 members, the result will be 100 authorized object entries in the file owner's profile. With an authorization list, the ownership entries will remain the same, but the authorized object entries will be reduced to one for each user granted authority to the authorization list securing the file.
Do not confuse the percentage full of a user profile with the maximum storage (MAXSTG) that a user profile can own. They are two different concepts.
Restriction: You must have all object (*ALLOBJ) special authority to run this command.
|SELECT||Select by||*USRPRF, *PCTFULL||Optional|
|USRPRF||User profile||Qualifier list||Optional|
|Qualifier 1: User profile||Generic name, name, *ALL|
|PCTFULL||Percent full||0.01-100.0, 89.90||Optional|
Select by (SELECT)
Specifies what criteria is used to select the user profiles to include in the report.
- User profiles are selected for the report based on the profile name specified for the USRPRF parameter.
- User profiles are selected for the report based on the value specified for the PCTFULL parameter.
User profile (USRPRF)
If *USRPRF was specified for the Select by (SELECT) parameter, you must specify the user profiles to be included in the report.
- All user profiles will be included in the report.
- The name of the user profile to be included in the report.
- The generic name of the user profile to be included in the report. A generic name is a character string of one or more characters followed by an asterisk (*).
Percent full (PCTFULL)
If *PCTFULL was specified for the Select by (SELECT) parameter, you must enter a value which will be used as the percentage full. User profiles that are at least as full on any auxiliary storage pool (ASP) as the percentage specified on this parameter will be included in the report. The value specified must be between 0.01 and 100.00.
- User profiles that are at least 89.9 percent filled with entries on any ASP will be included in the report.
- A value, ranging from 0.01 through 100.00, for the percent full selection value.
PRTPRFINT SELECT(*PCTFULL) PCTFULL(85.00)
This command prints a report of user profile internal information for all of the user profiles that are at least 85 percent full.
- User does not have required special authorities.
- Command &1 in use in another job.