Using password expiration intervals
I am trying to use the user profiles report to determine if any users have had their password expiration intervals set to something other than the system value. When I run the profiles report, all of the values are either a -1 or a 0. According to the Security Reference Redbook, the setting can be viewed as *NOMAX, *SYSVAL, or any number between 1 and 365. The system value has recently been changed to expire passwords after 60 days. However, there are users who have signed on since that have exceeded the expiration interval, and this is a continuous audit issue. Does anyone have any ideas?
When you view the User Profile report (or display the user profile) a -1 for the Password Expiration Interval indicates a setting of *NOMAX, a 0 means *SYSVAL. Any other number means the specified number of days.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: Tips, tutorials and more.
Visit the ITKnowledge Exchange and get answers to your systems management questions fast.
Read this Search400.com Featured Topic: Take control of your iSeries.
Ask the Experts yourself: Our systems management gurus are waiting to answer your technical questions.
This was first published in September 2005