MDUPDUSR – Update MDSEC User Command
The Update MDSEC User (MDUPDUSR) command provides the ability to systematically add, update or remove a user in MDSEC.
All MDUPDUSR transactions are logged in file MDCMS(ENV)/MDDUUSR.
Restrictions
The job user must be authorized to command MDUPDUSR in MDSEC. See section MD Command Security for more information.
Parameters
| PARM | Label | Length | Description |
|---|---|---|---|
| USER | User ID | 10 | The user ID (required). *ALL – all user IDs – may only be used for option *UPDADD to add or remove roles, change Group Auth usage, Current User Auth usage or CCSID for all defined users. |
| OPT | Option | 7 | Specifies the option to be taken with this command. *UPDADD – If the user already exists in MDSEC, it will be updated with the provided information. Otherwise, the user will be added. *ADD – Add the provided information only if the user isn't already defined in MDSEC. *REMOVE – Remove the user from MDSEC. |
| DESC | Description | 50 | The user description. *SAME – Don't update the description. If for a new user, the description will be retrieved from the IBM i user profile. |
| ADDR | Email Address | 60 | The email address of the user. *SAME – Don't update the email address. Will be ignored for a new user. *NONE – remove the email address, if currently defined. |
| EXTU | External User ID | 20 | The external user ID, if mapping from LDAP for the usage of MDWorkflow. *SAME – Don't update the external User ID. Will be ignored for a new user. *NONE – remove the external User ID, if currently defined. |
| ACT | Active | 5 | Specifies if the user profile is activated (enabled) in MDSEC. *SAME – Don't update the Active flag. If for a new user, the flag will be set to *YES=Activated. *YES – The user is activated in MDSEC. *NO – The user is deactivated in MDSEC. |
| GRPA | Use Group Auth | 5 | Specifies if authority for the user should be based on the authority permitted for the primary group that the user belongs to. *SAME – Don't update the Use Group Auth flag. If for a new user, the flag will be set to *NO. *YES – The user's authority is based solely on the authority permitted for the primary group. *NO – The user's authority is based solely on the authority permitted for the user themself. *BOTH – The user's authority is based on the combination of the authority for the group and the specific user. |
| CURA | Use Current User Auth | 5 | Specifies if authority for the current user is allowed to be used if the job user isn't authorized to a function. *SAME – Don't update the flag. If for a new user, the flag will be set to *NO. *YES – Current User authority checking is permitted in MDSEC. *NO – Current User authority checking is not permitted. |
| CCSID | CCSID Override | 5 | The CCSID to use for the user, instead of the CCSID defined for the MDCMS instance. This value is used for character translation between the MDCMS database and MDOpen/MDWorkflow. *SAME – Don't update the CCSID Override value. Will be ignored for a new user. *NONE – remove the CCSID Override value, if currently defined. |
| ADDROLE | Add Role | 10 | The list of up to 20 MDSEC authority roles that should be granted to the user. *ALL – Grant every defined role to the user. |
| RMVROLE | Remove Role | 10 | The list of up to 20 MDSEC authority roles that should be revoked for the user. *ALL – remove the user from every role that they currently belong to. |
| ENV | Environment ID | 5 | Specifies the MDCMS environment that the Project exists in. The ID correlates to the suffix of the MDCMS library name. *DFT – The default environment will be used (library MDCMS). *SAME – The environment of the current library list will be used. |