Problem solve
Get help with specific problems with your technologies, process and projects.
Run remote command exit program
With this program and OpsNav you can give certain users access to secure the Remote Command.
Here is a sample CL program that allows certain users with Limit Capabilities(*YES) to run the CALL command remotely.
Note in the remarks that initial access security to the remote command is set up through Operations Navigator:
- right click on the AS/400 in question;
- select Application Administration;
- select the Client Applications
- expand AS/400 Client Access Express;
- secure 'Remote Command - Command Line' to the appropriate users.
Information is also provided in the program remarks on how to register the exit program.
/********************************************************************/
/* */
/* Program name: UTJRMTCMD */
/* System name: Security */
/* Author: Mary C. Milliron */
/* Project No.: M5176 */
/* */
/* Program Narrative: */
/* */
/* This is an Exit program to secure the Remote Command to */
/* certain users. Initial security is provided by Operations */
/* Navigator. It is limiting access to the remote command to QPGMR, */
/* QSYSOPR, QSECOFR and APPDEV group profiles. APPDEV has been */
/* placed in the Additional Group Profiles list for certain users */
/* so that they can call a program that will end a server. This */
/* exit program was written to prevent them from accessing other */
/* commands. */
/* */
/* There are 2 types of remote commands that go thru this exit */
/* program: */
/* */
/* 1. The distributed program call. RCFID = 4099 */
/* This is a system call from an application. */
/* */
/* 2. The command line call. RCFID = 4098 */
/* This is a call from a Windows command prompt. */
/* */
/* To register this program as an exit program, WRKREGINF and */
/* add it to exit point QIBM_QZRC_RMT. */
/* */
/* Compiler Options: */
/* */
/* << list options specific to this program >> */
/* */
/* Command: */
/* */
/* << if applicable >> */
/* */
/* Program Modification History: */
/* */
/* mm/dd/yyyy intitials Project No: Mnnnn */
/* Description */
/* */
/********************************************************************/
PGM PARM(&STATUS &REQUEST)
DCL VAR(&MSG) TYPE(*CHAR) LEN(200)
/* */
/* PROGRAM CALL PARAMETER DECLARATIONS */
/* */
DCL VAR(&STATUS) TYPE(*CHAR) LEN(1) /* +
Accept/Reject indicator */
/* */
/* Note: Request is declared as *CHAR LEN(2000) because that is */
/* the limit in CL. The actual length of REQUEST is 4171. */
/* */
DCL VAR(&REQUEST) TYPE(*CHAR) LEN(2000) /* +
Parameter structure */
/* */
/* PARAMETER DECLARES */
/* */
/* COMMON DECLARES */
DCL VAR(&USER) TYPE(*CHAR) LEN(10)
/* User ID */
DCL VAR(&APPLIC) TYPE(*CHAR) LEN(10)
/* Server ID */
DCL VAR(&FUNCTN) TYPE(*CHAR) LEN(10) /* Function +
being performed */
/* REMOTE COMMAND SERVER DECLARES */
DCL VAR(&RCFMT) TYPE(*CHAR) LEN(8) /* Format +
name */
DCL VAR(&RCFID) TYPE(*CHAR) LEN(4) /* Function +
identifier */
DCL VAR(&RCPGM) TYPE(*CHAR) LEN(10) /* Program +
name */
DCL VAR(&RCLIB) TYPE(*CHAR) LEN(10) /* Program +
library name */
DCL VAR(&RCNUM) TYPE(*CHAR) LEN(4) /* Number of +
parms or cmdlen */
DCL VAR(&RCDATA) TYPE(*CHAR) LEN(6000) /* +
Command string nor parms */
/* */
/* OTHER DECLARES */
/* */
DCL VAR(&WRKLEN) TYPE(*CHAR) LEN(5)
DCL VAR(&DECLEN) TYPE(*DEC) LEN(8 0)
DCL VAR(&LMTCPB) TYPE(*CHAR) LEN(10)
DCL VAR(&CMD) TYPE(*CHAR) LEN(4)
DCL VAR(&RCFID_DEC) TYPE(*DEC) LEN(5 0) /* +
Function identifier */
/* */
/* EXTRACT THE VARIOUS PARAMETERS FROM THE STRUCTURE */
/* */
/* HEADER */
CHGVAR VAR(&USER) VALUE(%SST(&REQUEST 1 10))
CHGVAR VAR(&APPLIC) VALUE(%SST(&REQUEST 11 10))
CHGVAR VAR(&FUNCTN) VALUE(%SST(&REQUEST 21 10))
/* REMOTE COMMAND SERVER */
CHGVAR VAR(&RCFMT) VALUE(%SST(&REQUEST 21 8))
CHGVAR VAR(&RCFID) VALUE(%SST(&REQUEST 29 4))
CHGVAR VAR(&RCFID_DEC) VALUE(%BINARY(&RCFID)) /* +
convert binary to decimal */
MONMSG MSGID(CPF0000)
CHGVAR VAR(&RCPGM) VALUE(%SST(&REQUEST 33 10))
CHGVAR VAR(&RCLIB) VALUE(%SST(&REQUEST 43 10))
CHGVAR VAR(&RCNUM) VALUE(%SST(&REQUEST 33 10))
CHGVAR VAR(&RCDATA) VALUE(%SST(&REQUEST 57 1043))
/* */
/* BEGIN MAIN PROGRAM */
/* */
CHGVAR VAR(&STATUS) VALUE('1') /* INITIALIZE RETURN +
VALUE TO ACCEPT THE REQUEST */
/* ADD LOGIC COMMON TO ALL SERVERS */
IF COND(&APPLIC *EQ '*RMTSRV') THEN(GOTO +
CMDLBL(RMTCMD)) /* IF RMTCMD/DPC */
GOTO CMDLBL(EXIT)
/* */
/* SUBROUTINES */
/* */
RMTCMD:
RTVUSRPRF USRPRF(&USER) LMTCPB(&LMTCPB)
CHGVAR VAR(&CMD) VALUE(%SST(&RCDATA 1 4))
IF COND(&LMTCPB *EQ '*YES' *AND &RCFID_DEC = +
4098 *AND (&CMD *NE 'CALL' *AND &CMD *NE +
'call' *AND &CMD *NE 'Call' *AND &CMD *NE +
' ')) THEN(CHGVAR VAR(&STATUS) +
VALUE('0')) /* Only allow user to execute +
the CALL command */
GOTO CMDLBL(EXIT)
EXIT:
ENDPGM
Start the conversation
0 comments