Security-related Exit Programs

You may write exit programs that are called by the operating system to perform user-profile-related functions that suit your needs. With the use of these exit programs, the user-profile exit points notify you when a user profile has been created, changed, and so forth. For example, if you are maintaining a network of systems and you want to keep the user profile changes synchronized on all the systems, you can use these exit points to be notified of all the create, change, and delete profile activity. When a user profile is created on one system and you receive notification of that user profile being created, you can retrieve all the user profile information and create a duplicate user profile on the other systems in your network. The same can be done for any user profile changes and deletions.

For general information about IBM^® i security, see the Security reference topic collection.

The IBM i security-related exit programs are:

• Change User Profile is called when a user profile has been changed.
• Check Password (QIBM_QSY_CHK_PASSWRD) is called when a command or the QSYCHGPW API is used to set or change the password associated with a user profile.
• Create User Profile is called when a user profile is created.
• Delete User Profile is called when a user profile is deleted.
• Restore User Profile is called when a user profile is restored.
• Validate Password is called when a Change Password (CHGPWD) command or Change Password (QSYCHGPW) API is executed.

Note: The QIBM_QSY_HOSTFUNC, QIBM_QSY_OPNAVCENTRL, QIBM_QSY_OPNAVCLIENT, QIBM_QSY_OTHERCENTRL, and QIBM_QSY_OTHERCLIENT exit points are used only to store function registration information (see Register Function (QSYRGFN, QsyRegisterFunction) API). The exit programs within these exit points are never called, so the formats associated with these exit points (FCNR0100 and FCNR0200) are never used or documented.

---

[ Back to top | Security APIs | APIs by category ]