Community
System Administration
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

tracking the change of root and other password!!!

 
user1221
user1221
Frequent Advisor

‎03-24-2009 12:22 AM

‎03-24-2009 12:22 AM

tracking the change of root and other password!!!

Hi all,

I want to track the change of root password and other users, how can I check who change the password from which machine, tty? is there any log file in hp-unix which tracks all the changes made to the user accounts??

PLEASE help!!!

Thanks & Regards.
0 Kudos
Reply
5 REPLIES
Ganesan R
Ganesan R
Honored Contributor

‎03-24-2009 12:34 AM

‎03-24-2009 12:34 AM

Re: tracking the change of root and other password!!!

Hi,

Answer is no fortunately. Why do you want to track this when they are having privilage to change their passwords and account credentials?

normal user cannot change other account attributes. Only root can do all. restrict the root access.

You can enable auditing to trace the user activities. but that will capture all the tasks not only accounts related.
Best wishes,

Ganesh.
0 Kudos
Reply
user1221
user1221
Frequent Advisor

‎03-24-2009 12:59 AM

‎03-24-2009 12:59 AM

Re: tracking the change of root and other password!!!

Thanks for reply!
how can I enable auditing, does the auditing will create audit files for every activity of the users?
0 Kudos
Reply
avizen9
avizen9
Esteemed Contributor

‎03-24-2009 01:10 AM

‎03-24-2009 01:10 AM

Re: tracking the change of root and other password!!!

i dont think hpux have any logs for password change.

if you want to enable logs you need to convert your system in trasted system, which will allow you to generate many logs,
you can refer this document for this, let me know how it goes, thanks,

http://docs.hp.com/en/B2355-90950/ch08s08.html

//avi
0 Kudos
Reply
SSCHAER
SSCHAER
Advisor

‎03-24-2009 05:30 AM

‎03-24-2009 05:30 AM

Re: tracking the change of root and other password!!!

mv /usr/bin/passwd /usr/bin/passwd_orig


then create script /usr/bin/passwd using vi :

clear
echo "your attempt to change your password will be logged"
echo "user `who am i` changes password `date`" >>/var/adm/syslog/syslog.log
passwd_orig
echo "***********************" >>/var/adm/syslog/syslog.log



chmod 0755 /usr/bin/passwd.
everytime someone executes passwd it will run the script above.
0 Kudos
Reply
Tingli
Tingli
Esteemed Contributor

‎03-24-2009 05:56 AM

‎03-24-2009 05:56 AM

Re: tracking the change of root and other password!!!

passwd -s -a
can give you the time when the user has changed his password.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.