Kisco Systems

Kisco U

Testing user profiles

Home : Kisco U : Testing user profiles

The best time to test a user profile, is when you initially create it. If, however, you have never tested your user profiles, you may want to tackle a project to get the profiles on your system tested on a periodic basis to make sure that they conform to your security objectives.

Set the profile password to a temporary code set the PWDEXP parameter for the profile to *YES. This will allow a single signon with the temporary password and then prompt for a new password during signon. When you signon to test the profile, you can then change the password to the user's final password or to another temporary code. If you assign a new temporary code then set the PWDEXP back to *YES when you're done testing.

Check the special QEZJOBLOG output queue if login fails

Upon successful login, run a checklist like this:

  • Is the right menu displayed?
  • Does the user have access to the command line? If yes, should they?
  • If an initial program was called for, did it execute correctly?
  • What happens when you press the Attention key function? Is it what you want the user to see?
  • Where is printed output going for the session? Is this where you wanted it to go?
  • What happens when you attempt to run the application or applications that this user should be using?
  • Are there any system tasks that the user should be able to run? Can they?
  • Are there specific functions that the user should be barred from? Can you access them?
  • Can the user access their printed output spool file? Do they have access to view other user's spool files? Should they?
  • Check the user's desktop environment for remote access tools. Using the user profile, can the user access data on your system that they are not authorized for?