6.34 LceGetIBMiSignon
Returns the status of the user profile on the IBM i host and the date the password expires.
|
BOOL
|
LceGetIBMiSignon
|
(char far * int |
strServer, iMapperPort, |
|
|
|
BOOL |
fSSLRequired |
|
|
|
char far * |
strUserid, |
|
|
|
char far * |
strPassword, |
|
|
|
BOOL |
fEncryptPassword, |
|
|
|
char far * |
strReturnCode |
|
|
|
char far * |
strExpiryDate ) |
Parameters
|
strServer |
The IBM i server name or IP address. The length should not exceed SYSTEM_LENGTH as defined in LCOE.h. |
|
iMapperPort |
Defaults to 449 if passed as 0. |
|
fSSLRequired |
This parameter provides the ability to use SSL to communicate with the IBM i server. True = Use SSL False = Do not use SSL. |
|
strUserid |
The User Identifier. The length should not exceed USERID_LENGTH as defined in the LCOE.h header file. |
|
strPassword |
The password. The length should not exceed PASSWORD_LONG_LENGTH as defined in the LCOE.H header file |
|
fEncryptPassword |
This parameter provides the ability to encrypt the password in communications with the IBM i server. True = Encrypt the password. False = Do not encrypt the password |
|
strReturnCode |
The buffer location for the return code. The size should be at least RETURN_CODE_LENGTH + 1. The return codes returned: OK - Signon is OK CE - Communications error LE - Local Encryption error NR - User name does not exist SE - Server error WP - Wrong Password UD - User name is disabled LP – Password is too long |
|
strExpiryDate |
The buffer location for the returned expiry date. The size should be at least EXPIRY_DATE_LENGTH + 1. The format of the date is YYYYMMDD. Only valid if strReturnCode is OK. Returned as "99991231" if the password never expires |
Return Values
TRUE indicates that request completed without error.
FALSE indicates an error occurred.
Notes
Because of the way that the IBM i operating system handles user names and short passwords (Password level 0 or 1) with the US English (CCSID 037) characters '@', '#' and '$', this facility will only work with such user names and short passwords if the IBM i is operating in US English (CCSID 037).
The current implementation of SSL used for this facility ensures that encryption is negotiated and used for communication between the client and the IBM i server. It does not verify that the IBM i server is that specified on the security certificate that has been downloaded.
The interplay between SSL Required and Encrypt Password is interesting. If SSL is available and SSL Required is TRUE, then strictly speaking password encryption is not needed because the entire communication stream is encrypted, so Encrypt Password could be specified as FALSE. If SSL Required is FALSE, then we recommend that Encrypt Password be specified as TRUE.
The reasons for Return Code CE -Communications error can include:
- a misspelling in the IBM i Server name;
- the IBM i Server name not being locatable by your DNS;
- a firewall between the local computer and the IBM i server;
- the IBM i server being offline;
- TCP/IP not being started on the IBM i server;
- TCP/IP host servers not being started on the IBM i server;
- SSL Required TRUE and the SSL TCP/IP host servers not being started on the IBM i server;
- SSL Required FALSE and the non-SSL TCP/IP host servers not being started on the IBM i server.
If Return Code 'SE - Server Error' is returned, a review of the joblog for the QZSOSIGN job on the IBM i server should show the reason in detail.
Related Functions