How to automatically create an user not previously defined in UAMS ?

Document ID : KB000045639
Last Modified Date : 14/02/2018
Show Technical Document Details
 
Question :
 
How to automatically create an user not previously defined in UAMS ?
 
 
 
Answer :
 

 

When a new user not defined in Solve is requesting an access, the product administrator has to manually create a profile for this user in UAMS prior to the logon.
In an environment where there are a lot of users, this operation may be repetitive and tedious.

 

Solve and Netmaster products provide a facility which consists of automatically creating a new user in UAMS using the user modelling and avoid manual intervention.


Here is the procedure to follow:

This method only works with NMSAF partial security exit

1. Check in RUNSYSIN the SXCTL DDNAME where the security member name is located and which usually starts with SXP* (i.e.: SXPARMS or SXPxxxx - xxxx stands for the Domain Id). The default library is hlq.PARMLIB .

2. Check in this SXP* member, the MODEL statement which can have one of the following value:

- NONE
- SINGLE
- LIST
- SYSPARM

If the MODEL has NONE value, then the model user is disabled. Any logon with no UAMS record will be rejected with NSX910 UNKNOWN USERID: uuuuuuuu error.

If the MODEL is set with SINGLE, it is followed by MODELNAME aaaaaaaa (aaaaaaaa is the model userid).
The model Userid should be defined and available in UAMS Dataset otherwise the model user is disabled and an error will be returned with NSX910 message as above.

If the MODEL is set with LIST, it is followed by MODELGROUP providing SAF resource names and associated model names. The parameter can be repeated up to 20 times in the SXP* member.

If the MODEL is set with SYSPARM, the userid set from SYSPARM MODLUSER will be used as the model user. This method is more flexible than MODEL SINGLE as it does not require any region restart in case of model user modification using SYSPARM MODLUSER. The only requirement is to set SYSPARM MODLUSER=xxxxxxxx in NMINIT for the next region restart. The default is SYSPARM MODLUSER=NONE.


3. Restart the region after the modification.
At the time the new user is logging on, he will receive a panel to enter the general information (name, phone, language, ...) and the UAMS record is automatically created for this user after pressing PF03 to save and quit.

For Solve or Netmaster region running with PARTSAF partial security exit, a Full security exit or no security exit

 

Only SYSPARM MODLUSER can be implemented.

 

 
 
 
 
Additional Information :
The complete description can be found from Solve Security Guide where Appendix A lists all parms for SXCTL.