Is there a way to simultaneously change password for numerous user account simultaneously in IBM AS/400?

Question

I am new to IBM AS400. Recently there is a need in my company to implement a 90 days password change for all users. The problem is some users won't change their password even if we already notify them in advanced (notify through email or from AS400 itself). The first option is to have a QSECOFR account that would change the password automatically. The second option is to set PWDEXP value to *Yes and wait for the password to expire and it would notify the user to change. I am trying to mitigate if somehow the users were not able to change their password individually and would require someone else. Now imagine that there are 100 of user who needs to recover their account and using a super admin would require to manually change the password one by one. My question is can you change or recover the password of the user simultaneously?

Answer 1

Put 90 into system value QPWDEXPITV like this, from the AS400 command line,

chgsysval sysval(QPWDEXPITV) VALUE(90)

= = =

From the AS400 command line type,

WRKSYSVAL SYSVAL(*SEC)

Shows you all the system values related to security.

Look through them and you will see the above system value whose description is "Password expriation interval". Setting it to 90 means the passwords on the system have to change every 90 days. There is also system value QPWDEXPWRN, default 7 , this is the number of days before the password expires the AS400 will start warning the user.

Hope that helps.

The way to switch it off again is

chgsysval sysval(QPWDEXPITV) VALUE(*NOMAX)