Security
cancel
Showing results for 
Search instead for 
Did you mean: 

Accounts - Inactivity timeout check.

SOLVED
Go to solution
Alexey Borchev
Regular Advisor

Accounts - Inactivity timeout check.

We have Tru64 5.1b pk4, with Enhanced (C2) security and NIS.
We have to be complyant with Internal Controls (also known as SOX).

One of the controls - users which are not logged in last 90 days are locked by the system.
We do have this option in Accont manager (dxaccounts), and I have set it up.
We have to provide proof than this option not only configured but actually operating.

How can i retrive user's last login date?
When the user is locked (I mean, icon "locked" appears on top of the account) - upon 90 days timeout (then a daemon must to check it at midnight), or after the user tries to login in 100 days - checked, locked and rejected?
The fire follows shedule...
1 REPLY
Victor Semaska_3
Esteemed Contributor
Solution

Re: Accounts - Inactivity timeout check.

Alexey,

To retrieve information about an account look at the manpage for edauth.

example: /usr/tcb/bin/edauth -g

For information about the individual fields look at the manpages for prpasswd & default.

To convert seconds since epoch to a string use the command:

/usr/bin/perl -e "print scalar localtime()"

Vic
There are 10 kinds of people, one that understands binary and one that doesn't.