user profile being disabled by ZEND

General discussion on Zend Core for IBM System i
Post Reply
dzarder
Posts: 8
Joined: Mon Mar 30, 2009 9:55 pm

user profile being disabled by ZEND

Post by dzarder » Fri Apr 16, 2010 5:09 pm

I have been experiencing a strange phenomenon lately. ZEND is disabling my user profile (see message info below). Not sure why this is happening. It seems to occur after I run a new PHP script that I am testing. The script is in a secured folder that requires a username & password. However, that uses a validation list, NOT the AS/400 user profile. When I run WRKSBSJOB ZEND, it indicates that the various ZEND jobs are running under users QTCP and ZENDADMIN. How could this be affecting my personal user profile?

Has anyone ever seen this type of thing before?

Additional Message Information

Message ID . . . . . . : CPF1393 Severity . . . . . . . : 70
Message type . . . . . : Information
Date sent . . . . . . : 04/16/10 Time sent . . . . . . : 10:59:37

Message . . . . : User profile DZARDER has been disabled.
Cause . . . . . : User profile DZARDER on device *N or network address *N in
subsystem ZEND has been disabled because the maximum number of sign-on
attempts specified for the QMAXSIGN system value has been reached. If the
device, subsystem, or network address is *N, then the information was not
available.

User avatar
shlomov
Zend Global Support
Posts: 139
Joined: Mon Dec 29, 2008 2:38 pm

Re: user profile being disabled by ZEND

Post by shlomov » Mon Apr 19, 2010 8:42 am

The message in general refers to the user profile sign on attempts:
1. check the system value QMAXSIGN - Maximum sign-on attempts allowed (WRKSYSVAL QMAXSIGN)
2. check the user profile, Password expiration interval PWDEXPITV, Set password to expired PWDEXP (WRKUSRPRF)
3. check the sbs description for any added device restrictions WRKSBSD SBSD(ZEND) options:
4. Work station name entries
5. Work station type entries

4. for more information use the support center ticketing system as well, please include the apache configuration file and additional information/example of the php script, the directory authority, user profile description.

5. The IBM HTTP Server version of Apache is more full-featured and include the ability to use basic password authentication.
with the IBM HTTP Server, you can set up a Virtual host to do the authentication, and then proxy the request to the PASE server.
please follow these knowledge base articles for basic authentications of the IBM HTTP and/or PASE apache:

Apache - PASE Authentication, Authorization and Access Control
http://kb.zend.com/index.php?View=entry&EntryID=260
Apache - PASE Authentication, Authorization and Access Control
http://kb.zend.com/index.php?View=entry&EntryID=258
Shlomo Vanunu
IBM System i

Post Reply