Disabled user profiles
IBM® i NetServer uses user profiles and passwords to allow network administrators to control how users can access data. In addition, the QMAXSIGN system value specifies how many unauthorized sign-on attempts disable the user profile for IBM i NetServer use.
A user profile becomes disabled when the user tries to access IBM i NetServer a specified number of times with an incorrect password. A user profile cannot become completely disabled when connecting to a system with IBM i NetServer. If a user exceeds the maximum number of sign-on attempts, the user profile becomes disabled for IBM i NetServer use only. Other types of access, such as a system sign-on, are not prevented.
IBM i NetServer uses the last-changed date in user profiles to determine whether they have changed since becoming disabled. If the last-changed date is newer than the date of becoming disabled, the user profile becomes enabled again for use with IBM i NetServer.
- The QSYSOPR message queue displays the CPIB682 error message, which indicates when auser profile was disabled for use with IBM i NetServer.
- Some clients will try a name and password several times without the user being aware of it. For example, if the user's desktop password does not match the user profile password, the client can try to access IBM i NetServer several times before displaying the Network Password window. When the correct password is supplied, the user profile might already be disabled for IBM i NetServer use on the system. If you encounter this situation, the maximum sign-on attempts allowed system value, QMAXSIGN, can be increased to accommodate multiple client authentication attempts. You can use the Work with System Values command WRKSYSVAL SYSVAL (QMAXSIGN) to change the maximum sign-on times.