9 15 CHECK_IBMI_SIGNON

LANSA Technical

9.15 CHECK_IBMI_SIGNON

Þ Note: Built-In Function Rules.

Checks the status of the user profile on the IBM i server.

For use with

LANSA for i

YES

Only available with RDMLX

Visual LANSA for Windows

YES

 

Visual LANSA for Linux

YES

 

 

 

Arguments

No

Type

Req/ Opt

Description

Min Len

Max Len

Min Dec

Max Dec

1

A

Req

IBM i Server Name or IP Address

1

256

 

 

2

A

Req

SSL Required.

Y - Use SSL to communicate with the IBM i server

other - do not use SSL

1

1

 

 

3

A

Req

User name (signon) to be checked

1

10

 

 

4

A

Req

Password for the User Name to be checked.

1

128

 

 

5

A

Req

Encrypt Password.

Y - Encrypt password

other - do not encrypt password

1

1

 

 

6

N

Opt

Server Mapper Port.
Defaults to 449 if not specified or passed as 0.

1

5

0

0

 

 

Return Values

No

Type

Req/ Opt

Description

Min Len

Max Len

Min Dec

Max Dec

1

A

Req

Return Code.

OK - Signon is OK

CE - Communications error

LE - Local Encryption error

NR - User name does not exist

SE - Server error

WP - Wrong Password

UD - User name is disabled

LP - Password is too long

2

2

 

 

2

A

Req

Date Password Expires. Only valid if the Return Code is OK. Returned as '99991231' if the password never expires.

8

8

 

 

 

 

Technical Notes

Because of the way that the IBM i operating system handles user names and short passwords (Password level 0 or 1) with the US English (CCSID 037) characters '@', '#' and '$', this facility will only work with such user names and short passwords if the IBM i is operating in US English (CCSID 037).

The current implementation of SSL used for this facility ensures that encryption is negotiated and used for communication between the client and the IBM i server. It does not verify that the IBM i server is that specified on the security certificate that has been downloaded.

The interplay between SSL Required and Encrypt Password is interesting. If SSL is available and SSL Required is Y, then strictly speaking password encryption is not needed because the entire communication stream is encrypted, so Encrypt Password could be specified as N. If SSL Required is N, then we recommend that Encrypt Password be specified as Y.

The reasons for Return Code CE -Communications error can include:

  • a misspelling in the IBM i Server name;
  • the IBM i Server name not being locatable by your DNS;
  • a firewall between the local computer and the IBM i server;
  • the IBM i server being offline;
  • TCP/IP not being started on the IBM i server;
  • TCP/IP host servers not being started on the IBM i server;
  • SSL Required Y and the SSL TCP/IP host servers not being started on the IBM i server;
  • SSL not required and the non-SSL TSP/IP host servers not being started on the IBM i server.

If Return Code SE - Server Error is returned, a review of the joblog for the QZSOSIGN job on the IBM i server should show the detailed reason.