Operating System - HP-UX
1830135 Members
2393 Online
109999 Solutions
New Discussion

Re: How to list disabled users on an HPUX system

 
Jacques Carriere
Regular Advisor

How to list disabled users on an HPUX system

Do anyone have a script to list all disabled users on an HPUX server?

 

thanks

Jacques

5 REPLIES 5
Jeff_Traigle
Honored Contributor

Re: How to list disabled users on an HPUX system

The following command provides password status information for all users:

 

# passwd -as

 

If you just want the usernames of the locked accounts:

 

# passwd -as | awk '{if ($2 == "LK") print $1}'

--
Jeff Traigle
rariasn
Honored Contributor

Re: How to list disabled users on an HPUX system

Hi:

 

#!/usr/bin/sh
# Show deactivated users in a trusted system
set -u
PATH=/usr/bin:/usr/sbin:/usr/lbin

NOTTRUSTED=/sbin/true
if [ -x /usr/lbin/modprpw ]
then
   modprpw 1> /dev/null 2>&1
   if [ $? -eq 2 ]
   then
      NOTTRUSTED=/sbin/false
   fi
fi

if $NOTTRUSTED
then
   print "\n This system is not a Trusted System"
   exit 1
fi

REASON[1]="past password lifetime"
REASON[2]="past last login time"
REASON[3]="past absolute account lifetime"
REASON[4]="exceeding unsuccessful login attempts"
REASON[5]="password required and a null password"
REASON[6]="admin lock"
REASON[7]="password is a *"

for USER in $(listusers | awk '{print $1}')
do
   LOCKOUT=$(getprpw -r -m lockout $USER)
   ERR=$?
   if [ $ERR != 0 ]
   then
     print "getprpw failed, error = $ERR"
     exit $ERR
   fi

# Since multiple reasons may exist in LOCKOUT, process
# each bit position separately

   if [ $LOCKOUT != "0000000" ]
   then
      print "\nUser $USER deactivated for:"
      for BIT in 1 2 3 4 5 6 7
      do
         REASONBIT=$(echo $LOCKOUT | cut -c $BIT)
         if [ $REASONBIT != 0 ]
         then
            if [ $REASONBIT = 1 ]
            then
               print "   ${REASON[$BIT]}"
            else
               print "   Bad character in lockout: $REASONBIT"
            fi
         fi
      done
   fi
done

 

 

rgs,

 

 

 

 

 

jerrym
Trusted Contributor

Re: How to list disabled users on an HPUX system

raraisn, this part of your code does not make sense. I ran it on a trusted system and it gives the Usage and will be an exit code 2.

 

.

.

modprpw 1> /dev/null 2>&1
   if [ $? -eq 2 ]
   then
      NOTTRUSTED=/sbin/false
   fi
fi

if $NOTTRUSTED
then
   print "\n This system is not a Trusted System"
   exit 1
fi

.

.

Bill Hassell
Honored Contributor

Re: How to list disabled users on an HPUX system

The attached script will work OK.



Bill Hassell, sysadmin
jody_mckinzie
Occasional Advisor

Re: How to list disabled users on an HPUX system

Bill Was browsing and saw this...thanks a million.