CRTUSRPRF (Create User Profile) Command Description

CRTUSRPRF Command syntax diagram

Purpose The Create User Profile (CRTUSRPRF) command identifies a user to the sys
tem and allows you to customize the way the system appears. When the profile is
created, the profile is given *CHANGE and *OBJMGT authorities for the profile it
self. The system relies on the profile having these authorities to itself and th
ey should not be removed.
Restriction: The user of this command must have (1) *SECADM special authority, (
2) *USE authority to the initial program, initial menu, job description, message
queue, output queue, and attention-key-handling program if specified, and (3) *
CHANGE and object management authorities to the group profile and supplemental g
roup profiles, if specified.
Required Parameter
USRPRF
Specifies the user name for this user profile. The character set for user profil
e names is the same set used for *SNAME type on the parameter statement of comma
nd definitions source statements. A numeric user profile can be specified. If th
e user profile is numeric, then it must begin with a Q.
Optional Parameters
PASSWORD
Specifies the password that lets the user sign on the system. The password is as
sociated with a unique user name used to represent the user in the system. The p
assword should be known only to the user. A numeric password can be specified. I
f the password is numeric, then it must begin with a Q, for example, Q12341234 i
s the password used for signing on the system.
Note: The new password is not checked against the password validation rules. T
he password validation rules are defined by OS/400 system values. For a descript
ion of the password validation rules, see the Security - Reference book.
*USRPRF: The password for this user is the user profile name specified in the US
RPRF parameter.
*NONE: No password is used by this user. Users cannot sign on a system with a pr
ofile that has PASSWORD(*NONE) specified.
user-password: Specify an alphanumeric character string (10 characters or less)
personal profile. The first character must be alphabetic and the other character
s must be alphanumeric.
SPCAUT
Specifies the special authorities granted to a user. Special authorities are req
uired to perform certain functions on the system. Special authorities cannot be
removed from many of the system supplied user profiles including QSECOFR and QSY
S.
Restrictions:
1.
The user profile that is creating or changing another user profile must
have all the special authorities being granted.
2.
A user must have *ALLOBJ and *SECADM special authorities to grant anothe
r user *SECADM special authority when using the CRTUSRPRF command.
3.
The user must have *ALLOBJ, *SECADM, and *AUDIT special authorities to g
rant another user *AUDIT special authority when using the CRTUSRPRF command.
*USRCLS: Special authorities are granted to the user based on the value specifie
d in the USRCLS parameter.
*NONE: No special authorities are granted to the user.
*ALLOBJ: All object authority is granted to the user. It is granted to users who
work with system resources. The user can access any system resource whether or
not the user has private authorizations.
*AUDIT: Audit authority is granted to the user. This user is given the authority
to perform auditing functions. Auditing functions include turning auditing on o
r off for the system and controlling the level of auditing on an object or user.
*IOSYSCFG: Input/Output system configuration authority is granted to the user. T
he user has authority to change system I/O configurations.
*JOBCTL: Job control authority is granted to the user. It is normally granted to

users who operate the system. The user has authority to change, display, hold,
release, cancel, and clear all jobs running on the system or on a job queue or o
utput queue for which OPRCTL (*YES) is specified. The user also has the authorit
y to start writers, and to stop active subsystems.
*SAVSYS: Save system authority is granted to this user profile. It is normally g
ranted to users who operate the system. The user has authority to save, restore,
and free storage for all objects on the system, whether or not object managemen
t authority has been granted.