Anthony khan
Frequent Advisor

Find inactive users

Hi,

I am trying to find inactive users or users who have never logged in. I think the finger command or -mtime can help, so I can remove those inactive users. Does anyone have a script to get this done?


Thanks
6 REPLIES
James R. Ferguson
Acclaimed Contributor
Solution

Re: Find inactive users

Hi Anthony:

A couple of tricks help. You can use 'find' to traverse the $HOME directories of the users looking at the last access date for their '.profile' [assuming their default shell is the Posix or ksh shell] and collect a list for culling.

You can examine the /var/adm/wtmp file (if you keep it) using 'last' and compare its contents to /etc/passwd in a fashion which returns a list of users who do *not* appear in 'wtmp'.

Regards!

...JRF...
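
Added example, not part of the original thread or any poster's code: one way to do the comparison described in the reply above, listing accounts in a passwd file that never appear in saved 'last' output. The function name, the MIN_UID cutoff of 100, the 8-character name comparison and the sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Usage: never_logged_in PASSWD_FILE LAST_OUTPUT_FILE [MIN_UID]
never_logged_in() {
    passwd_file=$1
    last_file=$2
    min_uid=${3:-100}    # assumption: lower UIDs are system accounts, skipped

    # An empty or missing login history (wtmp not kept, or just rotated) would
    # make every account look unused, so refuse to report in that case.
    if [ ! -s "$last_file" ]; then
        echo "never_logged_in: no login records in $last_file" >&2
        return 2
    fi

    # Pass 1 (last output): remember each login name seen.
    # Pass 2 (passwd): print accounts at or above min_uid that were never seen.
    # Names are compared on their first 8 characters because 'last' may
    # truncate them (assumption); a collision only keeps an account off the list.
    awk -F: -v min="$min_uid" '
        NR == FNR { split($0, f, " "); if (f[1] != "") seen[substr(f[1], 1, 8)] = 1; next }
        { if ($3 + 0 >= min + 0) { key = substr($1, 1, 8); if (!(key in seen)) print $1 } }
    ' "$last_file" "$passwd_file"
}

# Constructed sample data (not from a real system).
demo_dir=$(mktemp -d)
cat > "$demo_dir/passwd" <<'EOF'
root:*:0:3::/:/sbin/sh
alice:*:101:20::/home/alice:/usr/bin/ksh
bob:*:102:20::/home/bob:/usr/bin/ksh
carol:*:103:20::/home/carol:/usr/bin/ksh
christopher:*:104:20::/home/christopher:/usr/bin/ksh
EOF
cat > "$demo_dir/last.out" <<'EOF'
alice    ttyp1        Tue Jan  8 09:47   still logged in
christop ttyp2        Mon Jan  7 14:02 - 14:30  (00:28)
reboot   system boot  Mon Jan  7 08:00
alice    ttyp1        Fri Jan  4 10:11 - 17:05  (06:54)

wtmp begins Wed Jan  2 08:00
EOF

never_logged_in "$demo_dir/passwd" "$demo_dir/last.out"    # prints bob and carol
```

On a live system the second argument would be a file written with `last > file`; the result only covers the period the wtmp file spans, so review the list before removing any account.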
harry d brown jr
Honored Contributor

Re: Find inactive users

Anthony,

Convert your system to trusted, and set passwd expire and inactivity.

live free or die
harry
Live Free or Die
Sachin Patel
Honored Contributor

Re: Find inactive users

Hi
You can use who to find old logins.
#who -a |grep old
Then run ps -e to find that PID; if you can find it, that means the login is old and you can remove it.

For example:
#who -a |grep old
sachin ttyp1 Jan 8 09:47 old 8071 10.20.46.71:0.0
#ps -e |grep 8071
8071 ttyp1 0:00 csh

This means that the login has been inactive for a long time and is old.
#kill 8071

Sachin
Is photography a hobby or another way to spend $
Victor_5
Trusted Contributor

Re: Find inactive users

Don't use finger, since it is a dangerous command for system security. One solution is to implement a C2 Trusted System and turn on the auditing system; you can get that info from the logs.

Justo Exposito
Esteemed Contributor

Re: Find inactive users

Hi Anthony,

Do you know the command "last"?

Regards,

Justo.
Help is a Beautiful word
Roger Baptiste
Honored Contributor

Re: Find inactive users

hi,

First, get the list of users on the box:
awk -F: '{print $1}' /etc/passwd >/tmp/list_users

Next, run the last command and see when they last logged in on the system, something like:
while read -r name
do
last "$name" | head -1 >>/tmp/user_activity
done </tmp/list_users
Then, decide on what sort of cutoff date you are using for inactivity. If it is for users not logged in this year, do a simple:
grep "2001" /tmp/user_activity > inactive_users

Based on what you are looking for, you can use the grep search pattern accordingly.

Finally, to remove those users, run
userdel on the list of inactive users.

HTH
raj
Take it easy.