Replicate Users
Use this feature to replicate one or more user profiles to another system.
- Select 71. Work with network definitions in the BASE Support menu (STRAUD > 89 > 71). The Work with Network Systems screen appears.
| System type: AS400 Work with Network Systems System: S520 Position to . . . Type options, press Enter. 1=Select 4=Remove 7=Export dfn. 8=Check DDM 9=Verify communication Opt System Group RAZLEE1 *RL RAZLEE1 machine RAZLEE2 *G1 RAZLEE2 machine RAZLEE3 *G1 RAZLEE3 machine Bottom F3=Exit F6=Add New F7=Export dfn cmd F12=Cancel |
- Press F6 to define a new network system to work with and press Enter to confirm.
| System type: AS400 Add Network System System: S520 System . . . . . . . . . . Description . . . . . . . . Group where included . . . *NONE *Name Communication Details IP or remote name . . . . . Type . . . . . . . . . . . *IP *SNA, *IP Entry of *LOCAL on System . Use WRKRDBDIRE to verify Auto filled for this system. Required for Multi-LPAR of AOD, P-R, Replication. Copy of QAUDJRN on a different system Where is QAUDJRN analyzed . *SYSTEM Name, *SYSTEM Extension Id on remote . . Note: After adding a system, run again "Network Authentication". F3=Exit F12=Cancel Modify data, or press Enter to confirm. |
- Select 72. Network Authentication in the BASE Support screen (STRAUD > 89 > 72). The Network Authentication screen appears.
| Network Authentication Type choices, press Enter. User for remote work . . . SECURITY2P Name Password . . . . . . . . . Confirm password . . . . . In order to perform activity on remote systems, the user SECURITY2P must be defined on all systems and LPARS with the same password. SECURITY2P usually should be *DISABLED & LMTCPB(*YES). Product options which require this are: - referencing a log or a query with the parameter SYSTEM() - populating definitions, log collection, etc. - replication of user profiles, passwords Requires *ENABLED & LMTCPB(*NO) Values entered in this screen are NOT preserved in any iSecurity file. They are only used to set the user profile password and to set server authentication entries. Ensure that SysVal QRETSVRSEC is set to 1. F3=Exit F12=Cancel |
- Enter the .SECURITY2P user password twice and press Enter.
- Select 5. Auto start activities in ZAUDIT in the iSecurity/Base System Configuration menu (STRAUD > 81 > 5). The Auto Start Activities in ZAUDIT Subsystem screen appears.
| Auto Start Activities in ZAUDIT Subsystem 22⁄07⁄19 17:30:46 Type options, press Enter. Real-Time Auditing (All systems) . . . Y Y=Yes, N=No Status & Active jobs . . . . . . . . . Y Y=Yes, N=No Firewall & Screen (Action) . . . . . . Y Y=Yes, A=Always, N=No Selecting A will perform Action even if Firewall is in *FYI. (1) Message Queues (2) . . . . . . . . . . Y Y=Yes, N=No Replication of User, Pwd, SysVal . . . N Y=Yes, N=No (1) Action must be running in real mode (not in *FYI) (2) Only message queues marked as Active definition A=Auto start, are started. F3=Exit F12=Previous |
|
Parameter |
Description |
|---|---|
|
Real-Time Auditing (All systems) |
Y = Yes N = No If you set the Change Tracker parameters Enable Change Tracker and Enable Real Time Tracking to Y, then even if this parameter is set to N, activating the ZAUDIT subsystem activates the Audit job. You access the Change Tracker parameters in the Activation Mode option in the System Configuration menu in Change Tracker (STRCT > 81 > 1). |
|
Status & Active jobs |
Y = Yes N = No |
|
Firewall & Screen (Action) |
Y = Yes A = Always N = No Selecting A=Always will perform Action activities even if Firewall is running in *FYI. Action must be running in real mode (not in FYI). |
|
Message Queues (set to start at *IPL) |
Y = Yes N = No If this parameter is set to Y, then when adding new Message Queues, you can set them to start automatically at *IPL time. For more details, see Create Message Queue Audit Rules. |
|
Replication of User, Pwd, SysVal |
Y = Yes N = No |
- Enter the required parameters and press Enter.
- In the Source system only, run 71. Enable User/Password Replication in the Replication menu (STRAUD > 69 > 25 > 71). The Call Program (CALL) screen appears.
| Call Program (CALL) Type choices, press Enter. Program . . . . . . . . . . . . > AURPUEP Name Library . . . . . . . . . . . > SMZ4 Name, *LIBL, *CURLIB Parameters: Parameter . . . . . . . . . . > *ADD Type and length of parameter: Type . . . . . . . . . . . . . *DFT *DFT, *DEC, *CHAR, *LGL... Length . . . . . . . . . . . . Number Decimal positions . . . . . . Number + for more values Bottom F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys |
- Display active jobs in the Target Machine.
- Select 51. Work with Replication Rules from the Replication menu (STRAUD > 69 > 25 > 51).
| Work with Replication Rules Type options, press Enter. Position to . . . 1=Select 4=Remove 5=Display Subset . . . . . --Systems-- --Replicate-- Opt User* From To CRT CHG DLT *ALL *ALL *ALL Y Y Y AB* RAZLEE2 *ALL Y Y Y Bottom If CRT, CHG and DLT are blanks, no replication occurs. F3=Exit F6=Add New F8=Print F12=Cancel |
- Press F6 to add a new rule or type 1 to modify an existing rule. The Modify Replication Rules 1/2 screen appears.
| Screen 1⁄2 Modify Replication Rules Type choices, press Enter. User . . . . . . . . . . . *ALL Name, generic*, *ALL System combination From system . . . . . . . *ALL System, *ALL Replicate to system . . . *ALL System, *group, *ALL Replicate (set all to blanks for "no replication") Create user . . . . . . . Y Y=Yes, A=Yes⁄Change if exists Change user . . . . . . Y Y=Yes, A=Yes⁄Create if missing Delete user . . . . . . . Y Y=Yes If Change, replicate also (See more on next screen) User disabled . . . . . Y Y=Yes User enabled . . . . . . Y Y=Yes Password changes . . . . Y Y=Yes At run time, the best fit (most specific) rule for user names, regardless of systems, is selected. Rules with this user notation are then processed. Entries which FROM SYSTEM correspond or is *ALL, are scanned and a single replication request is sent for each TO SYSTEM. F3=Exit F4=Prompt F12=Cancel |
|
Parameters |
Description |
|---|---|
|
User |
Enter the name of the User Profile to replicate. Name = Enter the name of a specific profile to replicate Generic* = Use a generic name to copy a group of profiles *ALL = Replicate all profiles |
|
System combination |
From system = Type the source system name or select *ALL systems Replicate to system= Type the target system name, a group of systems or select *ALL systems |
|
Operations to Replicate |
Define how to replicate common operations. Set to blanks for no replication. Create user: Y = Yes – On the target computer, create all users that meet the rule definition and exist on the source computer, and do not exist on the target computer. A= Yes / Change if the User profile already exists On the target computer, create all users that meet the rule definition and exist on the source computer, and do not exist on the target computer. Users that meet the rule definition on the source computer and already exist on the target computer are changed on the target computer to be identical to the user on the source computer. Change user: Y = Yes – All users that meet the rule definition on the source computer and also exist on the target computer are changed on the target computer to be identical to the user on the source computer. A= Yes / Create if the User profile does not exist All users that meet the rule definition and also exist on the target computer are changed to be identical to the user on the source computer. Users that only exist on the source computer are created on the target computer. Delete user: Y = Yes – All users that meet the rule definition are deleted from the source computer. If they also exist on the target computer, they are deleted also from the target computer. |
|
Common attributes to replicate |
Select what common attributes to replicate. Set to blanks for no replication. User disabled: Y = Yes User enabled: Y = Yes Password changes: Y = Yes |
- Type the appropriate parameters and press Enter. The Modify Replication Rules 2/2 screen appears.
| Screen 2⁄2 Modify Replication Rules Type choices, press Enter. Description . . Parameters or Parameters with partial value to omit e.g. INLPGM or INLPGM(A⁄B F3=Exit F12=Cancel |
- Type a description and enter exception parameters that are not to be replicated and press Enter.
- Select STRAUD > 69 > 26 > 52. Replicate Users in the Replication menu (STRAUD > 69 > 25 > 52). The Replicate (Audit) User Profile screen appears.
| Replicate (Audit) user Profile (RPCAUUSR) Type choices, press Enter. User profile . . . . . . . . . . Name, generic*, *ALL System to replicate to . . . . . Name Replicate GRPPRF⁄SUPPRF first . *YES *NO, *YES Mark rightmost TEXT char with . A Character value, *NONE Bottom F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys |
|
Parameters |
Description |
|---|---|
|
User profile |
Enter the name of the User Profile to replicate. Name = Enter the name of a specific profile to replicate Generic* = Use a generic name to copy a group of profiles *ALL = Replicate all profiles |
|
System to replicate to |
Name = Enter the name of the target system |
|
Replicate GRPPRF/SUPPRF first |
*Yes = Replicate these profiles first *No = Do not replicate these profiles first |
|
Mark rightmost TEXT char with |
Character value *NONE = do not mark the text. |
- Enter the appropriate parameters and press Enter. The profiles are replicated.