HPE Community
Operating System - HP-UX
1751765 Members
4557 Online
108781 Solutions
New Discussion юеВ

Re: NIS login history

 
steven Burgess_2
Honored Contributor

тАО05-06-2008 03:49 AM

тАО05-06-2008 03:49 AM

NIS login history

Hi everyone,

Forgive me here, it's been 2 years since I last logged into a HPUX server !!

I am performing an audit at a customer site with a mix of 10.20 and 11 servers in a NIS environment. There are almost 800 users defined in passwd.byname of which I suspect there are less than 50 active users.

Can anyone confirm whether the last command also covers NIS users ?? If not, what is the best method to obtain login information from NIS users

TIA

Steve
take your time and think things through
0 Kudos
Reply
6 REPLIES 6
Steven E. Protter
Exalted Contributor

тАО05-06-2008 04:05 AM

тАО05-06-2008 04:05 AM

Re: NIS login history

Shalom,

On our NIS Master, HP-UX 11.00 fully patched (No cracks about support, I'm not a boss here), does not report NIS logins in the last command.

I would assume therefore it does not.

The login via NIS will show up on the server actually being connected to's last command.

Example:
NIS Master: triton
NIS Client system: raptor

User viper logs into server raptor.

The last command on triton shows nothing.
The last command on raptor shows user viper logging in.


SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
TTr
Honored Contributor

тАО05-06-2008 04:45 AM

тАО05-06-2008 04:45 AM

Re: NIS login history

How many servers are in the NIS mix? You could collect last outputs from each server and with some quick shell scripting, combine and sort them and get a dated list of all users. Then cut-off the recent logins as active users. Have the local admins do that.
0 Kudos
Reply
steven Burgess_2
Honored Contributor

тАО05-06-2008 04:50 AM

тАО05-06-2008 04:50 AM

Re: NIS login history

Hi,

Thanks for the responses.

Yes, following Stephen's reply, I will get a list of clients and collect information from those

TIA

Steve
take your time and think things through
0 Kudos
Reply
steven Burgess_2
Honored Contributor

тАО05-06-2008 05:38 AM

тАО05-06-2008 05:38 AM

Re: NIS login history

Hi Stephen,

On the NIS client, are you able to determine that the user was logged in via NIS ? If so, how ?

Steve

take your time and think things through
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО05-06-2008 05:44 AM

тАО05-06-2008 05:44 AM

Re: NIS login history

Shalom again Steve,

Tough one there.

strings /var/adm/wtmp

You will see raw data and may be able to script a solution that provides you this data.

These systems seem to be able to know where the login came from and if you look at this:

shmuelmaster.il.nds.com
remshd

It would appear that some ability to discern login type is there.

Not anything I'd hang an audit report on.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
steven Burgess_2
Honored Contributor

тАО05-06-2008 06:22 AM

тАО05-06-2008 06:22 AM

Re: NIS login history

Hi,

Hmmm, thanks. It would also be quite hard to do this with an infinite number of clients.... There must be a way to do this from the server end

Steve
take your time and think things through
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.