HPE Community
Operating System - HP-UX
1838290 Members
3408 Online
110125 Solutions
New Discussion

Re: account locked - query

 
SOLVED
Go to solution
Jagadesh_2
Regular Advisor

‎12-12-2005 12:02 AM

‎12-12-2005 12:02 AM

account locked - query

Hi All,
lastb command gives the list of unsucessful login names.
Which command / file will give the list of locked account names. When the user tries to login through a locked account it will throw an message "Account locked - see system administrator" where this information is stored and how to view this.

Many thanks
S.Jagadesh
0 Kudos
Reply
5 REPLIES 5
Arunvijai_4
Honored Contributor

‎12-12-2005 12:09 AM

‎12-12-2005 12:09 AM

Re: account locked - query

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=650641

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎12-12-2005 12:15 AM

‎12-12-2005 12:15 AM

Re: account locked - query

Shalom Jagdesh

A combination if passwd -sa and lastb should give you record of who locked their account.

lastb lists bad logins and if the user is in there enough times, the user is certainly locked.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Sivakumar TS
Honored Contributor

‎12-12-2005 12:20 AM

‎12-12-2005 12:20 AM

Re: account locked - query

You can check the /etc/passwd file for this.
All locked users will have LK in their passwd field.

one simple way could be

#cat /etc/passwd | grep LK

With Regards,

Siva.
Nothing is Impossible !
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎12-12-2005 12:22 AM

‎12-12-2005 12:22 AM

Re: account locked - query

Hi,

No *one* file will give you that.
If trusted the following command run against *each* account will give you the lockout status
/usr/lbin/getprpw -m lockout user_name
If the result is non-zero then they're OK - if not, they're locked out.
If not trusted then if "*" is in the second field of the /etc/passwd file for a user_name - then they're locked out.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Reply
Cem Tugrul
Esteemed Contributor

‎12-12-2005 01:29 AM

‎12-12-2005 01:29 AM

Solution

Re: account locked - query

How about the script for trusted systems?

echo "USERS LOCKED BELOW:\r"
for USER in $(listusers | awk '{print $1}'|egrep -v "sshd|smbnull|tools|tbase")
do
lock_pos=$(/usr/lbin/getprpw -r -m lockout $USER)
user_name=$(grep $USER /etc/passwd|awk -F: '{print $5}')
if [ $lock_pos != "0000000" ]
then
echo "$USER $user_name $lock_pos"
fi
done

Hope this helps!!!

Good Luck,
Our greatest duty in this life is to help others. And please, if you can't
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.