Create Service Tools User ID (CRTSSTUSR)
Where allowed to run: All environments (*ALL) Threadsafe: No |
Parameters Examples Error messages |
The Create Service Tools User ID (CRTSSTUSR) command creates a service tools user ID that can be used to access service functions through Dedicated Service Tools (DST), System Service Tools (SST), IBM Navigator for i (for disk unit management), and Operations Console.
Restrictions:
- You must have security administrator (*SECADM) and service (*SERVICE) special authorities.
- The requesting service tools user ID must have the Service Tool user functional privilege "Service Tool Security".
Top |
Parameters
Keyword | Description | Choices | Notes |
---|---|---|---|
REQUSRID | Requesting SST user ID | Character value | Required, Positional 1 |
REQPWD | Requesting SST user ID pwd | Character value | Required, Positional 2 |
USRID | Service tools user ID | Character value | Required, Positional 3 |
USERINFO | Service tools user ID info | Element list | Required, Positional 4 |
Element 1: Password | Character value | ||
Element 2: Status | *ENABLED, *DISABLED | ||
Element 3: Set password to expired | *NO, *YES | ||
Element 4: Text 'description' | Character value, *BLANK | ||
Element 5: Linked profile | Character value, *NONE | ||
PRIVILEGES | Privileges | Element list | Optional |
Element 1: Disk units - operations | *NO, *YES | ||
Element 2: Disk units - administration | *NO, *YES | ||
Element 3: Disk units - read only | *NO, *YES | ||
Element 4: System partitions - operations | *NO, *YES | ||
Element 5: System partitions - admin | *NO, *YES | ||
Element 6: Partition remote panel key | *NO, *YES | ||
Element 7: Operator panel functions | *NO, *YES | ||
Element 8: Operating system IPL | *NO, *YES | ||
Element 9: Install | *NO, *YES | ||
Element 10: Performance data collector | *NO, *YES | ||
Element 11: Hardware service manager | *NO, *YES | ||
Element 12: Display/Alter/Dump | *NO, *YES | ||
Element 13: Main storage dump | *NO, *YES | ||
Element 14: Product activity log | *NO, *YES | ||
Element 15: License Internal Code log | *NO, *YES | ||
Element 16: License Internal Code fixes | *NO, *YES | ||
Element 17: Trace | *NO, *YES | ||
Element 18: DST environment | *NO, *YES | ||
Element 19: Remote service support | *NO, *YES | ||
Element 20: Service tools security | *NO, *YES | ||
Element 21: Service tools save and restore | *NO, *YES | ||
Element 22: Debug | *NO, *YES | ||
Element 23: System capacity - operations | *NO, *YES | ||
Element 24: System capacity - admin | *NO, *YES | ||
Element 25: System security | *NO, *YES | ||
Element 26: Start service tools | *NO, *YES | ||
Element 27: Take over console | *NO, *YES |
Top |
Requesting SST user ID (REQUSRID)
The service tools user ID that will be used to create the specified user ID. This user ID must have the Service Tool user functional privilege "Service Tool Security".
This is a required parameter.
Top |
Requesting SST user ID pwd (REQPWD)
The password for the requesting service tools user ID.
This is a required parameter.
Top |
Service tools user ID (USRID)
The service tools user ID to create. The user ID can include letters, numbers and special characters #, @, $, or _.
This is a required parameter.
Top |
Service tools user ID info (USERINFO)
Specifies information for the service tools user ID that will be created.
Element 1: Password
The password that allows the service tools user to sign on.
This value is required.
- 'password'
- The password associated with the service tools user ID.
Element 2: Status
The status of the service tools user ID.
- *ENABLED
- The service tools user ID is valid for sign on.
- *DISABLED
- The service tools user ID is not valid for sign on until an authorized user enables it.
Element 3: Set password to expired
The password for the service tools user ID is set to expired. The user is required to change the password to sign on.
- *NO
- The password is not set to expired.
- *YES
- The password is set to expired.
Element 4: Text 'description'
Specifies the text that briefly describes the object.
- *BLANK
- No text is specified.
- 'description'
- Specify no more than 64 characters of text, enclosed in apostrophes.
Element 5: Linked profile
The name of the user profile that is linked to the service tools user ID. Linking a service tools user ID to a user profile allows you to have the privileges of the service tools user ID when using an IBM i interface that requires those privileges.
- *NONE
- A user profile is not linked to the service tools user ID.
- 'profile name'
- The name of the user profile.
Top |
Privileges (PRIVILEGES)
The service tools user function privileges associated with the user ID.
The allowed values for the privileges are:
- *NO
- The service tools user ID does not have the privilege. This is the default unless a specific privilege indicates otherwise.
- *YES
- The service tools user ID has the privilege.
Element 1: Disk units - operations
Privilege to perform disk operator service functions.
Element 2: Disk units - administration
Privilege to perform disk unit administrator service functions.
Element 3: Disk units - read only
Privilege to perform disk read only service functions.
Element 4: System partitions - operations
Privilege to perform system partition operator service functions.
Element 5: System partitions - admin
Privilege to perform system partition administrator service functions.
Element 6: Partition remote panel key
Privilege to change a panel key for the specified partition where it is secured.
Element 7: Operator panel functions
Privilege to use the operator panel functions.
Element 8: Operating system IPL
Privilege to perform an IPL.
Element 9: Install
Privilege to perform a system install.
Element 10: Performance data collector
Privilege to perform performance data collector service functions.
The default for this privilege is *YES.
Element 11: Hardware service manager
Privilege to perform hardware resource management service functions.
Element 12: Display/Alter/Dump
Privilege to work with Display/Alter/Dump.
Element 13: Main storage dump
Privilege to perform a main storage dump.
The default for this privilege is *YES.
Element 14: Product activity log
Privilege to view and work with the product activity log.
Element 15: License Internal Code log
Privilege to view and work with the Licensed Internal Code (LIC) log.
The default for this privilege is *YES.
Element 16: License Internal Code fixes
Privilege to load Licensed Internal Code (LIC) PTFs.
The default for this privilege is *YES.
Element 17: Trace
Privilege to read and perform the trace service functions.
Element 18: DST environment
Privilege to change the Dedicated Service Tools (DST) environment.
Element 19: Remote service support
Privilege to configure and connect to the system using the Remote Service Support interface.
Element 20: Service tools security
Privilege to work with and change Licensed Internal Code (LIC) security values.
Element 21: Service tools save and restore
Privilege to perform save and restore service security functions.
Element 22: Debug
Privilege to use the service debug tools.
Element 23: System capacity - operations
Privilege to perform system capacity operations service functions.
Element 24: System capacity - admin
Privilege to perform system capacity administration service functions.
Element 25: System security
Privilege to perform security service functions and to work with security lock down values.
Element 24: Start service tools
Privilege to sign-on and work with SST.
Element 27: Take over console
Privilege for a LAN console user to take over the console from another LAN console user.
Top |
Examples
Example 1: Create service tools user ID with default privileges
CRTSSTUSR REQUSRID(SSTUSR) REQPWD(SSTPWD) USRID(NEWSSTUSER) USERINFO((userpwd) *ENABLED *NO 'User number 1')
This command creates a service tools user ID NEWSSTUSR with a password of userpwd. The user ID is created with a status of enabled, the password is not expired, and the text is 'User number 1'. The NEWSSTUSR service tools user ID is given the default privileges since the PRIVILEGES parameter was not specified.
Top |
Error messages
*ESCAPE Messages
- CPF222E
- &1 special authority is required.
- CPF225B
- Service tools ID &1 not correct.
- CPF225C
- Requesting service tools ID not correct.
- CPF225D
- Requesting service tools ID password not correct.
- CPF4AB3
- Error occurred for service tools ID. Reason code &1.
- CPF4AB7
- Service tools user ID password cannot be changed.
- CPF4AD2
- New password not valid. Reason code &1.
Top |