- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: User account status info: trusted system vs. ...
Operating System - HP-UX
1752815
Members
6439
Online
108789
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-04-2011 12:50 PM
тАО05-04-2011 12:50 PM
User account status info: trusted system vs. SMSE
I am working on migrating a script (written in perl) that collects information on a specified user and reports back on the status of the users account with regards to whether or not it's locked. On trusted systems it obtained the information by parsing the contents of the user's /tcb/files/auth//$user file or the output of getprpw commands.
That method is not available on systems using SMSE and while I've been able to figure out how to get some of the same info other pieces of info have turned out to be elusive to me.
If anyone has any insight into how I can obtain the following information on a user's profile from a system using SMSE (HP-UX 11.31) I would be most grateful, if it's possible at all:
Date/time of the Last Un-successful password change attempt for $user
Consecutive number of Unsuccesful Logins by $user.
Something comparable to the "lockout" field from the trusted systems auth files.* That field had a 7 characters and depending on where a "1" appeared instead of a "0" it would indicate why a user's account was disabled/locked.
* - I think it's likely that the trusted system's lockout field has no analog in SMSE and that I will simply have to test for the various lockout conditions by comparing date-times, the various pertinent fields in /etc/passwd and /etc/shadow or the output of "#passwd -s $user".
Thank you in advance for your input ladies and gentlemen, have a great one!
--Tim
That method is not available on systems using SMSE and while I've been able to figure out how to get some of the same info other pieces of info have turned out to be elusive to me.
If anyone has any insight into how I can obtain the following information on a user's profile from a system using SMSE (HP-UX 11.31) I would be most grateful, if it's possible at all:
Date/time of the Last Un-successful password change attempt for $user
Consecutive number of Unsuccesful Logins by $user.
Something comparable to the "lockout" field from the trusted systems auth files.* That field had a 7 characters and depending on where a "1" appeared instead of a "0" it would indicate why a user's account was disabled/locked.
* - I think it's likely that the trusted system's lockout field has no analog in SMSE and that I will simply have to test for the various lockout conditions by comparing date-times, the various pertinent fields in /etc/passwd and /etc/shadow or the output of "#passwd -s $user".
Thank you in advance for your input ladies and gentlemen, have a great one!
--Tim
- Tags:
- SMSE
- trusted mode
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-04-2011 01:35 PM
тАО05-04-2011 01:35 PM
Re: User account status info: trusted system vs. SMSE
If you have the SMSE bundle installed then have a look at the 'userstat' command. That appears to be able to give you some of the same information you would get from 'getprpw' on trusted systems.
# man userstat
for more info......
# man userstat
for more info......
- Tags:
- userstat
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2011 05:18 AM
тАО05-05-2011 05:18 AM
Re: User account status info: trusted system vs. SMSE
with SMSE
The user attributes are defined in a database that is accessed via
userdbset to configure the attributes of the user
userdbget to view the attributes of a user.
The attributes for each user are defined in
man security
a user is disabled if his password is *
or the user has hit the AUTH_MAXTRIES parameter
The user attributes are defined in a database that is accessed via
userdbset to configure the attributes of the user
userdbget to view the attributes of a user.
The attributes for each user are defined in
man security
a user is disabled if his password is *
or the user has hit the AUTH_MAXTRIES parameter
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2011 06:09 AM
тАО05-05-2011 06:09 AM
Re: User account status info: trusted system vs. SMSE
Between Patrick and Emil's replies I have almost everything I need.
Patrick: The userstat command is something I was unaware of. It's going to simplify my script quite a bit. Thank you!
Emil: D'oh. I read the manpage for userdbget, but didn't cross-reference /etc/security.dsc.
Of the info I asked for above, "userstat" gets me a very close SMSE equivalent to the lockout field of a Trusted system. "userdbget" could get that info as well, but would require more complex syntax to query. What userdbget can do that userstat cannot is return the count of consecutive login failures. Both of your responses have been very helpful.
All I'm stuck on now is getting the date-time of the user's last FAILED password change attempt...
Patrick: The userstat command is something I was unaware of. It's going to simplify my script quite a bit. Thank you!
Emil: D'oh. I read the manpage for userdbget, but didn't cross-reference /etc/security.dsc.
Of the info I asked for above, "userstat" gets me a very close SMSE equivalent to the lockout field of a Trusted system. "userdbget" could get that info as well, but would require more complex syntax to query. What userdbget can do that userstat cannot is return the count of consecutive login failures. Both of your responses have been very helpful.
All I'm stuck on now is getting the date-time of the user's last FAILED password change attempt...
- Tags:
- userdbget
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP