Strategi User Identification with Emulation

Product: Strategi
Modified Date:

In many cases, such as the assignment of print outq's, it will be necessary for the iSeries 400 to know what Strategi user someone is signed in as. The user identification information can be passed to the iSeries 400 startup job whenever a Strategi user signs on to the iSeries 400. This is done using a specifically modified signon screen, which includes fields to accept Strategi-related input, and few Strategi configuration entries. The process is:
  • When the user logs in through Strategi, Strategi will place the user type, number, and Strategi library (which, in this document, we will assume to be STRATEGI) name in these signon screen fields.
  • The iSeries 400 signon CL (set for the iSeries 400 user profile) or job initiation program (set in the subsystem description for the subsystem supplying the signon screens) calls a BusinessLink command to retrieve the user information.
  • The RTVSGISSNI command creates a data area in QTEMP containing the information, which is then available for the rest of the job.
Setup Details
  • Modify the signon screen to add the user information field. The information field may be placed anywhere on the screen, and must be 28 bytes long, hidden, protected and flagged as MDT-set. This field must be hidden, so the users never see it. The field must be flagged with a MDT (modified data tag), so the field is treated as "changed", and the data found therein always returned to the iSeries 400. Refer to STRATEGI/SGIEXAMPLE(QDSIGNON) for a standard signon screen modified example. Be sure to verify that the field is not at the same row and column settings as any other elements on the signon screen. If your screen is using the IBM defaults for the Menu label, this will collide with the ABLUSRINF row and column setting as provided in QDSIGNON.
  • Assign the modified signon screen to the subsystem which supplies the virtual devices used for Strategi signon, using the command "CHGSBSD", keyword "SGNDSPF". This subsystem will need to be restarted to make the new signon screen active. If you use this opportunity to redesign the signon screen, the new signon screen will be unrecognizable to Strategi until the configuration is updated.
  • Configure the user information field location in the Strategi configuration, at Keyword "STRATEGIUSER", in group "VRT", then restart Strategi. Reconnect with Strategi after restarting, ensuring the signon screen definition is functioning correctly.
  • Optionally, you may create a new user profile, SGIDFTOWN, with password *NONE and status *DISABLED. This user profile's sole purpose is to protect the data area created in QTEMP in the step below, so later programs or users cannot modify it, thus impersonating another registered user. It is not used for any jobs, interactive or batch. This protection is achieved by changing the owner of the *DTAARA to SGIDFTOWN, and revoking the user's authority to the object to prevent the contents of the DTAARA being modified or the DTAARA being removed after the user has signed on. This means, then, that the DTAARA area can be continually accessed to identify the user by applications throughout the job and the information it contains trusted, from a security point of view. If used in the signon program, this command may fail if certain messages, such as "User *OUTQ is invalid," are sent by the system.
  • Modify either the user(s) signon program or the subsystem job initiation program to call RTVSGISSNI. If security is required, the signon job must be placed at the top of the library list, and the RTVSGISSNI command called specifically from the STRATEGI library and not from the library list. Refer to STRATEGI/SGIEXAMPLE(SYSSIGNON) & (SYSSIGNON2) [V1R9+] or (SYSSGNON & SYSSGNON2) [V1R8 & earlier] for a working example of this, using the user's signon program. If a signon program is used, it is preferable to assign all users the same signon program, and have this branch to a separate user specific job, if such a job has been set up.

** End of Technical Support Bulletin **