Enhancements for Managing Service Tools User IDs in 7.4
In this i Can blog post, Dawn May breaks down service tool requirements for IBM i 7.4.
Service tools user IDs are required to access System Service Tools (SST), Dedicated Service Tools (DST) and the disk management tasks within Navigator for i. These interfaces allow you to perform functions that can have a major impact on your system, such as managing disk units, managing system security and accessing tools such as Display/Alter/Dump. It’s important to carefully control access to these service tools.
Prior to 7.4, service tools user ID password composition rules were very basic; there was a minimum length requirement and an expiration interval.
With 7.4, you can now implement password composition rules consistent with those of IBM i user profiles. The password rules available are the same as the ones you can specify with the QPWDRULES system value. You can change the password rules within SST or DST using the service tools security options.
In 7.4, IBM also provided command interfaces to set (CHGSSTSECA) or display (DSPSSTSECA) service tools security attributes, which include the SST password rules. This removes the need to use the SST or DST menu-driven interfaces to review the settings or make changes. When using the CHGSSTSECA command, you must specify your service tools user ID and password and have the “Service Tools Security” functional privilege. DSPSSTSECA has outfile support, so you also have a programmatic interface to these settings.
In addition to adding service tools password rules, you can now create, change, and display service tools user IDs through command interfaces. The Create SST User, Change SST User and Delete SST User commands are new with 7.4; the Display SST User command has been around since the 6.1 release. With the Create SST User and Change SST User commands, you can change the password, enable or disable the ID, link it to an IBM i user profile, and specify the service tools privileges for that service tools user ID. Again, you must have a service tools user ID with the “Service Tools Security” privilege to use these commands, but having the command interface will make it easier to manage your service tools user IDs.