6 34 LceGetIBMiSignon

LANSA Open Guide

6.34 LceGetIBMiSignon

Returns the status of the user profile on the IBM i host and the date the password expires.

BOOL

 

LceGetIBMiSignon

 

(char far *

int

strServer, 

iMapperPort,

 

 

 BOOL

fSSLRequired

 

 

 char far * 

strUserid,

 

 

char far *

strPassword,

 

 

BOOL

fEncryptPassword,

 

 

char far *

strReturnCode

 

 

char far *

strExpiryDate )

  

Parameters

strServer

The IBM i server name or IP address. The length should not exceed SYSTEM_LENGTH as defined in LCOE.h.

iMapperPort

Defaults to 449 if passed as 0.

fSSLRequired

This parameter provides the ability to use SSL to communicate with the IBM i server.

True = Use SSL

False = Do not use SSL.

strUserid

The User Identifier. The length should not exceed USERID_LENGTH as defined in the LCOE.h header file.

strPassword

The password. The length should not exceed PASSWORD_LONG_LENGTH as defined in the LCOE.H header file

fEncryptPassword

This parameter provides the ability to encrypt the password in communications with the IBM i server.

True = Encrypt the password.

False = Do not encrypt the password

strReturnCode

The buffer location for the return code. The size should be at least RETURN_CODE_LENGTH + 1.

The return codes returned:

OK - Signon is OK

CE - Communications error

LE - Local Encryption error

NR - User name does not exist

SE - Server error

WP - Wrong Password

UD - User name is disabled

LP – Password is too long

strExpiryDate

The buffer location for the returned expiry date. The size should be at least EXPIRY_DATE_LENGTH + 1. The format of the date is YYYYMMDD.

Only valid if strReturnCode is OK.

Returned as "99991231" if the password never expires

  

Return Values

TRUE indicates that request completed without error.

FALSE indicates an error occurred.

Notes

Because of the way that the IBM i operating system handles user names and short passwords (Password level 0 or 1) with the US English (CCSID 037) characters '@', '#' and '$', this facility will only work with such user names and short passwords if the IBM i is operating in US English (CCSID 037).

The current implementation of SSL used for this facility ensures that encryption is negotiated and used for communication between the client and the IBM i server. It does not verify that the IBM i server is that specified on the security certificate that has been downloaded.

The interplay between SSL Required and Encrypt Password is interesting. If SSL is available and SSL Required is TRUE, then strictly speaking password encryption is not needed because the entire communication stream is encrypted, so Encrypt Password could be specified as FALSE. If SSL Required is FALSE, then we recommend that Encrypt Password be specified as TRUE.

The reasons for Return Code CE -Communications error can include:

  • a misspelling in the IBM i Server name;
  • the IBM i Server name not being locatable by your DNS;
  • a firewall between the local computer and the IBM i server;
  • the IBM i server being offline;
  • TCP/IP not being started on the IBM i server;
  • TCP/IP host servers not being started on the IBM i server;
  • SSL Required TRUE and the SSL TCP/IP host servers not being started on the IBM i server;
  • SSL Required FALSE and the non-SSL TCP/IP host servers not being started on the IBM i server.

If Return Code 'SE - Server Error' is returned, a review of the joblog for the QZSOSIGN job on the IBM i server should show the reason in detail.

 

Related Functions

6.12 LceDisplayErrors

6.61 LceSetIBMiSignon