IBM Support

Sign-On Exit Utility for IP Address

Troubleshooting


Problem

This document provides a utility program for recording the TCP/IP address of the Signon Service requestor.

Resolving The Problem

NOTE: This document only contains information for out of support releases. Behavior has changed or this has not been tested at current releases.

There are many different clients and programs that check user profiles and passwords. In situations where a user profile is being disabled due to excessive incorrect passwords, the first step is to narrow down the job requesting the verification. Typically, the Auditing Journal will list a job or user. In the case of the Client Access Sign-On Host Server, the job is QZSOSIGN and the user is QUSER. This does not give much information to continue identifying the source of the bad password.

The following utility program can be compiled and registered to the Sign-On Server exit point. Once installed, the joblog of the QZSOSIGN job records the user profile and the TCP/IP address of the client that is requesting to verify a user ID and password. Therefore, you may want to ensure that the QZSOSIGN joblog is retained after the job ends so the joblog can be read.

To register the program to the exit point, do the following:
1. Copy the program into a member and compile the CL Program.
2. On the operating system command line, type the following:

ADDEXITPGM EXITPNT(QIBM_QZSO_SIGNONSRV) FORMAT(ZSOY0100) PGMNBR(1) +
PGM(lib/pgmname) TEXT('record ip address of requester)

where lib/pgmname is the library and program name that you compiled. Press the Enter key.
To change the job so that its joblog is retained, do the following:
1. On the operating system command line, type the following:

CHGJOBD QZBSJOBD LOG(4 00 *SECLVL)

Press the Enter key.
2. On the operating system command line, type the following:

ENDPJ SBS(QUSRWRK) PGM(QSYS/QZSOSIGN) OPTION(*IMMED)

Press the Enter key.
3. On the operating system command line, type the following:

STRPJ SBS(QUSRWRK) PGM(QSYS/QZSOSIGN)

Press the Enter key.
Caution: The following program is provided as is. It has not been extensively tested and might not handle all errors. No warranty is expressed nor implied.
                                                                                                                                                                                                                                                                Example

0001.00 PGM      PARM(&INPARMS &INPARM2)
0001.50  /* V5R3 and previous          */
0002.00  /* START OF INPUT PARM DCLS   */                                      
0003.00              DCL        VAR(&INPARMS) TYPE(*CHAR) LEN(11)              
0004.00              DCL        VAR(&INPARM2) TYPE(*CHAR) LEN(1)              
0006.00  /* END OF INPUT PARM DCLS */                                          
0007.00  /* START OF CALL JOB INFORMATION DCLS */                              
0008.00              DCL        VAR(&JOBI) TYPE(*CHAR) LEN(700) VALUE(' ')    
0009.00              DCL        VAR(&JOBILEN) TYPE(*DEC) LEN(4 0) VALUE(700)  
0010.00              DCL        VAR(&FMTNAME) TYPE(*CHAR) LEN(8) +            
0011.00                           VALUE(JOBI0600)                              
0012.00              DCL        VAR(&QUALJN) TYPE(*CHAR) LEN(26) VALUE('*')    
0013.00              DCL        VAR(&INJOB) TYPE(*CHAR) LEN(16) +              
0014.00                           VALUE('                ')                    
0015.00  /* END OF CALL JOB INFORMATION DCLS */                                
0016.00  /* START OF MISC DCLS    */                                          
0017.00              DCL        VAR(&OUTMSG) TYPE(*CHAR) LEN(75) VALUE('User +
0018.00                           .......... from client address +            
0019.00                           ............... requested signon.')          
0020.00                                                                            
0021.00 /* ********** END OF DECLARES **************************************** */  
0022.00 /*                                                                     */  
0023.00 /* ********** CODE                                     *************** */  
0024.00 /*  CHGJOB LOG CL COMMAND *NO WILL KEEP THE JOB'S JOBLOG A BIT CLEANER... */
0025.00              CHGJOB     LOGCLPGM(*NO)                                      
0026.00              MONMSG     MSGID(CPF0000)                                      
0027.00 /*   COPY USER TO OUTPUT MESSAGE                                       */  
0028.00              CHGVAR     VAR(%SST(&OUTMSG 6 10)) VALUE(%SST(&INPARMS +      
0029.00                           2 10))                                            
0030.00              CALL       PGM(QSYS/QUSRJOBI) PARM(&JOBI &JOBILEN +            
0031.00                           &FMTNAME &QUALJN &INJOB)                          
0032.00              MONMSG     MSGID(CPF0000)                                      
0033.00 /*   COPY IP ADDRESS TO OUTPUT MESSAGE                                 */  
0034.00              CHGVAR     VAR(%SST(&OUTMSG 37 15)) VALUE(%SST(&JOBI 308 15))  
0035.00 /*   OUTPUT MESSAGE                                                    */  
0036.00              SNDPGMMSG  MSGID(CPF9898) MSGF(QSYS/QCPFMSG) +                
0037.00                           MSGDTA(&OUTMSG) TOPGMQ(*EXT)                      
0038.00              MONMSG     MSGID(CPF0000)                                      
0039.00              CHGJOB     LOGCLPGM(*YES)                                      
0040.00              MONMSG     MSGID(CPF0000)      
0041.00 ENDPGM                                      

[{"Type":"MASTER","Line of Business":{"code":"LOB68","label":"Power HW"},"Business Unit":{"code":"BU070","label":"IBM Infrastructure"},"Product":{"code":"SWG60","label":"IBM i"},"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"6.1.0"}]

Historical Number

27302330

Document Information

Modified date:
21 November 2024

UID

nas8N1016947

Page Feedback