trusted 11.11 user that have not logged in script

Ratzie · ‎01-04-2010

I am trying to automate security checks.

We require passwd's to be changed every 90 days, we do need to delete users from system if they have not logged in after 180 days.

I am looking for a script that can parse the server and pull out users that have not logged in in 180 days.

We are running hpux 11.11 in trusted mode.

root@snap # cat security
ABORT_LOGIN_ON_MISSING_HOMEDIR=1
AUTH_MAXTRIES=5
PASSWORD_MAXDAYS=91
PASSWORD_MINDAYS=7
PASSWORD_WARNDAYS=28
MIN_PASSORD_LENGTH=8
PASSWORD_HISTORY_DEPTH=3
NUMBER_OF_LOGINS_ALLOWED=3
UMASK=077

Larry Klasmier · ‎01-04-2010

This script will give you the date and time a user last logged in. We call it from another script that feeds the user accounts to it. I am assuming you can play with this script do do what you need. Key factor is the is the u_succhg line in the tcb file.

#!/usr/bin/sh

PATH=/usr/bin:/opt/perl/bin

EPOCH=false
LOGINNAME=""
BADPARAM=true

if [ $# -eq 1 ]; then
LOGINNAME="$1"
BADPARAM=false
elif [ $# -eq 2 ]; then
if [ "$1" = "-e" ]; then
EPOCH=true
LOGINNAME="$2"
BADPARAM=false
fi
fi

if [ $BADPARAM = true ]; then
echo "Usage: $0 [-e] username"
exit 1
fi

TCBFILE="/tcb/files/auth/?/$LOGINNAME"

if [ ! -f $TCBFILE ]; then
echo "Unknown user: $LOGINNAME"
exit 1
fi

U_SUCLOG=$(sed -n '/u_suclog#/ s/^.*u_suclog#$[0-9]*$:.*$/\1/p' $TCBFILE)

if [ $EPOCH = true ]; then
echo $U_SUCLOG
else
perl -MPOSIX -e 'print strftime "%m/%d/%Y %H:%M:%S\n", localtime '$U_SUCLOG
fi

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

trusted 11.11 user that have not logged in script

trusted 11.11 user that have not logged in script

Re: trusted 11.11 user that have not logged in script