System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

trusted 11.11 user that have not logged in script

SOLVED
Go to solution
Ratzie
Super Advisor

trusted 11.11 user that have not logged in script

I am trying to automate security checks.

We require passwd's to be changed every 90 days, we do need to delete users from system if they have not logged in after 180 days.

I am looking for a script that can parse the server and pull out users that have not logged in in 180 days.

We are running hpux 11.11 in trusted mode.


root@snap # cat security
ABORT_LOGIN_ON_MISSING_HOMEDIR=1
AUTH_MAXTRIES=5
PASSWORD_MAXDAYS=91
PASSWORD_MINDAYS=7
PASSWORD_WARNDAYS=28
MIN_PASSORD_LENGTH=8
PASSWORD_HISTORY_DEPTH=3
NUMBER_OF_LOGINS_ALLOWED=3
UMASK=077


1 REPLY
Larry Klasmier
Honored Contributor
Solution

Re: trusted 11.11 user that have not logged in script

This script will give you the date and time a user last logged in. We call it from another script that feeds the user accounts to it. I am assuming you can play with this script do do what you need. Key factor is the is the u_succhg line in the tcb file.

#!/usr/bin/sh

PATH=/usr/bin:/opt/perl/bin

EPOCH=false
LOGINNAME=""
BADPARAM=true

if [ $# -eq 1 ]; then
LOGINNAME="$1"
BADPARAM=false
elif [ $# -eq 2 ]; then
if [ "$1" = "-e" ]; then
EPOCH=true
LOGINNAME="$2"
BADPARAM=false
fi
fi

if [ $BADPARAM = true ]; then
echo "Usage: $0 [-e] username"
exit 1
fi

TCBFILE="/tcb/files/auth/?/$LOGINNAME"

if [ ! -f $TCBFILE ]; then
echo "Unknown user: $LOGINNAME"
exit 1
fi

U_SUCLOG=$(sed -n '/u_suclog#/ s/^.*u_suclog#\([0-9]*\):.*$/\1/p' $TCBFILE)

if [ $EPOCH = true ]; then
echo $U_SUCLOG
else
perl -MPOSIX -e 'print strftime "%m/%d/%Y %H:%M:%S\n", localtime '$U_SUCLOG
fi