Friday, October 6, 2017

Calling Java classes from PowerShell in order to change an iSeries/AS400 password

I was recently working on a "solution" to allow an automated process on a Window 10 system to interact with an iSeries system. A part of the problem to be solved is that the iSeries system in question has a rule requiring frequent password changes. Understandable but not conducive to automated processing. Additionally, the user under which this process would run does not have SECADM rights so calling chgusrprf through FTP was not an option. What to do, what to do...

 Search web, search web, search web...

 Seems that IBM has a "Toolbox for Java" product (http://www-03.ibm.com/systems/power/software/i/toolbox/) and just so happens that there is a open source version called JTOpen (http://jt400.sourceforge.net/ - got to love that) that supports changing your password remotely.

 OK, now I have a possible solution. How do I call a Java class from PowerShell?

 Search web, search web, search web...

 Try, search, try, search, try search...

 Fail... Issues finding the proper classes in the JTOpen to do a password change as this is a toolkit for you to build solutions out of.

 Search web, search web, search web...

 SOLUTION! Someone (don't you LOVE the Internet?) had a similar issue and wrote a Java JAR to encapsulate the problem into a simple command line type of call. You can get it here: https://github.com/cwg999/AS400PasswordChanger/tree/master/export

 Downloaded that.

 More try(s) and search(es) and finally SUCCESS!

 Here is my simple "walk through" of the above solution in PowerShell. I will wind up putting this into a much larger script that will be scheduled to run in half of the configured password life time.

 - Get AS400PasswordChanger.jar from the above link.
- Create a directory and copy that JAR file into it.
- Open a PowerShell.
- In PowerShell, change to the directory you created (that contains the JAR file).
- Enter the following command:

 java -jar ./AS400PasswordChanger.jar {iSeries name/IP} {user name} {current password} {new password}

 If all goes well, you should see: Change Successful.

The only error I got once I actually got it to work (all prior errors were PowerShell or Java errors) was this one and that was because the iSeries I was using for testing does not allow you to change your password more than once per 24 hours and I had to change it when I logged in due to it having expired already:

com.ibm.as400.access.AS400SecurityException: Password change is not allowed at this time.:{user name}


Hope this saves someone else some time.
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)