- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Activated Users on a Trusted System
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-27-2005 02:16 AM
тАО07-27-2005 02:16 AM
We're running Trusted Systems here and we have many users on these systems on 11.0 and 11i. If I need to list or display only "Activated" users for some auditing reasons,and omit the "DeActivated" users, how would I go about doing this?
Thanks,
KPS
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-27-2005 02:36 AM
тАО07-27-2005 02:36 AM
Re: Activated Users on a Trusted System
ID=username_here
STATUS=$(/usr/lbin/getprpw -l -r -m lockout $ID)
RC=$?
case "$RC" in
0 ) case "$STATUS" in
0000000 ) print "Account Active." ;;
1?????? ) print "LOCKED: Past password lifetime." ;;
?1????? ) print "LOCKED: Past inactive time." ;;
??1???? ) print "LOCKED: Past account lifetime." ;;
???1??? ) print "LOCKED: too many failed logins." ;;
????1?? ) print "LOCKED: passwd required." ;;
?????1? ) print "LOCKED: Locked by Admin." ;;
??????1 ) print "LOCKED: Password is a *." ;;
* ) print "Unknown status code returned."; exit 10;;
esac
;;
1 ) print "You are not privileged to run this command."
exit 1
;;
2 ) print "Incorrect getprpw usage."
exit 2
;;
3 ) print "Password file is not found."
exit 3
;;
4 ) print -n "**NOT in Trusted Mode:"
STATUS=$(/usr/bin/passwd -s $ID|awk '{print $2}')
case "$STATUS" in
LK ) print "LOCKED" ;;
PS ) print "Account Active" ;;
"" ) print "No Account" ;;
* ) print "Unknown Status,$STATUS."; exit 10 ;;
esac
;;
* ) print "Unknown getprpw RC, $RC, returned."; exit 10 ;;
esac
From this point, you can derive the output you require.
Hope it helps.
UNIX because I majored in cryptology...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-27-2005 02:43 AM
тАО07-27-2005 02:43 AM
Re: Activated Users on a Trusted System
So in the list of users I I hoped to generate, I didn't want to include those users that our deactivated for the above reasons. I only wanted to pull the list for users that are active.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-27-2005 02:54 AM
тАО07-27-2005 02:54 AM
Re: Activated Users on a Trusted System
#!/usr/bin/sh
PATH=${PATH}:/usr/lbin
PWFILE=/etc/passwd
typeset -i STAT=0
awk -F ':' '{print $1}' ${PWFILE} | while read USER
do
echo "${USER}\c"
LCK=$(getprpw -m lockout ${USER} | tr -c -d "[0-9]")
STAT=${?}
if [[ ${STAT} -eq 0 ]]
then
echo "\t${LCK}\c"
else
echo "Getprpw failed for user ${USER}; status ${STAT}." >&2
fi
echo
done
exit ${STAT}
For users that are not locked out, ${LCK} will be all zeros; for users that are locked out a 1 will be in one of the positions. Man getprpw to determine how to interpret the lockout value.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-27-2005 05:00 AM
тАО07-27-2005 05:00 AM
Solutionfor i in $(cat /etc/passwd | awk -F: '{print $1}')
do
STATUS="$i: `/usr/lbin/getprpw -m lockout $i`"
echo $STATUS | grep 0000000
done
If by chance you want to find out who IS locked out I just change 'grep' to 'grep -v'.
Jim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-27-2005 05:33 AM
тАО07-27-2005 05:33 AM
Re: Activated Users on a Trusted System
KPS