From:	US2RMC::"BRODIE@cpg.mcw.edu" "Kent C Brodie" 29-FEB-1996 13:45:27.84
To:	OPEN-VMS-SIG@decus.org
CC:	
Subj:	Checking if password has been changed from DCL: a cool answer

Folks -- thanks for the kind suggestions, but I eventually figured out exactly
what I need on my own.   There's a sort-of documented lexical function,
f$getjpi("","LOGIN_FLAGS").    LOGIN_FLAGS is a bitmapped integer that
returns different values, depending on login stuff. (I had to look up
the $GETJPI system service information to figure out what bits do what).
The first few bits are something like:

 8   4   2   1    (decimal equivalent of bit)
___ ___ ___ ___
 |   |   |   |----User has new mail
 |   |   |--------Users primary password was changed during login
 |   |------------Users primary password expired during login
 |----------------User was WARNED the password is going to expire soon

Based on this bitmask, the integer values to check for a just-changed password
are therefore 2,3,6,7.   (I don't bother checking the higher bits,
because those deal with SECONDARY passwords which we do not use).
[no need to check for value "10", because the user gets warned OR the
pw was changed-- not both]

The little DCL code, therefore, to check if a users password has been
changed during login is thus:

$ flag = f$getjpi("","LOGIN_FLAGS")
$ if (flag .eq. 2) .or. (flag .eq.3) .or. (flag .eq. 6) .or. (flag .eq. 7)
$ then
$   !Users password changed during login, do stuff here
$ else
$   !Nevermind, users password did not change during login process.
$ endif

...this works perfectly in our environment, since all users are captive
and appropriate action just after a pw change can be performed....



Kent C. Brodie - Systems & Network Manager       Internet: <brodie@cpg.mcw.edu>
Medical College of Wisconsin	                 MaBellNet: +1 414 456 5080
Clinical Practice Group         (http://www.cpg.mcw.edu/www/staff/brodie.html)
                 "Gilligan!!!"   -The Skipper

% ====== Internet headers and postmarks (see DECWRL::GATEWAY.DOC) ======
% Received: from mail11.digital.com by us2rmc.zko.dec.com (5.65/rmc-22feb94) id AA27389; Thu, 29 Feb 96 13:14:27 -050
% Received: from Topaz.DECUS.Org by mail11.digital.com (5.65v3.2/1.0/WV) id AA24529; Thu, 29 Feb 1996 13:09:29 -050
% Received: from Reprocess.DECUS.Org by DECUS.Org (PMDF V4.2-13 #12328) id <01I1S9FB9YUO9355AY@DECUS.Org>; Thu, 29 Feb 1996 11:59:07 ES
% Received: from vx1.cpg.mcw.edu by DECUS.Org (PMDF V4.2-13 #12328) id <01I1S9F7PD8093581H@DECUS.Org>; Thu, 29 Feb 1996 11:58:58 ES
% Received: from cpg.mcw.edu by cpg.mcw.edu (PMDF V5.0-4 #14016) id <01I1S710UPZ48WWQBI@cpg.mcw.edu> for OPEN-VMS-SIG@decus.org; Thu, 29 Feb 1996 10:59:01 -0500 (CD
% Date: Thu, 29 Feb 1996 10:51:26 -0500 (CDT)
% From: Kent C Brodie <BRODIE@cpg.mcw.edu>
% Subject: Checking if password has been changed from DCL: a cool answer
% To: OPEN-VMS-SIG@decus.org
% Errors-To: open-vms-sig-owner@DECUS.Org
% Warnings-To: open-vms-sig-owner@DECUS.Org
% Message-Id: <01I1S7BX05868WWQBI@cpg.mcw.edu>
% Organization: Medical College of Wisconsin Physicians & Clinics
% Mime-Version: 1.0
% Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
% Content-Transfer-Encoding: 7BIT
% Comments: Send OPEN-VMS-SIG subscribe/unsubscribe requests to mailserv@DECUS.Org
