- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Block user accounts
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-07-2011 07:50 AM
09-07-2011 07:50 AM
Block user accounts
I need one urgent information. How to block user accounts who has not logged in to the server last 6 months in HP-UX 11i (on both Trusted and non-Trusted) system. I don't want to execute command manually (like passwd -l username). Please advise ...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-07-2011 09:03 AM
09-07-2011 09:03 AM
Re: Block user accounts
Describing your system as 11i leaves a range of options - like 11.11, 11.23, 11.31, and more. I would suggest you look at man (4) security, particularly the inactivity_maxdays parameter. In 11.11, at least, this parameter only applies to non-trusted systems. If you have a more current release then your mileage may vary.
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-07-2011 09:08 AM
09-07-2011 09:08 AM
Re: Block user accounts
Oops! Glad I double checked. The man page I looked at was for 11.31.
In the case of trusted systems, I would suggest that you take note of the fact that trusted systems are deprecated as of 11.31 and you should probably be looking into the shadow password feature instead.
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-07-2011 09:21 AM
09-07-2011 09:21 AM
Re: Block user accounts
Hi:
Pete's comments (including the deprecation of Trusted Systems) are the same ones I would make. I too would establish (at least where you can), the 'INACTIVITY_MAXDAYS' in '/etc/default/security'.
In order to "clean up" users without recent activity, consider running 'last' and parsing out a list of users who haven't logged in or are absent from the underlying '/var/adm/wtmp' file which would mean that they have never logged in during the file's coverage period. You might find that converting '/var/adm/wtmp' to its ASCII counterpart, which exposes Epoch dates, more useful:
# /usr/sbin/acct/fwtmp < /var/adm/wtmp > /tmp/wtmp
Once you enumerate the users who haven't looged-in recently, a simple script to lock those accounts should be something any sysadmin could write.
Regards!
...JRF...