HPE Community
Operating System - HP-UX
1830305 Members
2406 Online
110000 Solutions
New Discussion

Re: How to list disabled users on an HPUX system

 
Jacques Carriere
Regular Advisor

‎01-16-2012 06:31 AM

‎01-16-2012 06:31 AM

How to list disabled users on an HPUX system

Do anyone have a script to list all disabled users on an HPUX server?

 

thanks

Jacques

0 Kudos
Reply
5 REPLIES 5
Jeff_Traigle
Honored Contributor

‎01-17-2012 08:28 AM

‎01-17-2012 08:28 AM

Re: How to list disabled users on an HPUX system

The following command provides password status information for all users:

 

# passwd -as

 

If you just want the usernames of the locked accounts:

 

# passwd -as | awk '{if ($2 == "LK") print $1}'

--
Jeff Traigle
0 Kudos
Reply
rariasn
Honored Contributor

‎01-19-2012 03:51 AM

‎01-19-2012 03:51 AM

Re: How to list disabled users on an HPUX system

Hi:

 

#!/usr/bin/sh
# Show deactivated users in a trusted system
set -u
PATH=/usr/bin:/usr/sbin:/usr/lbin

NOTTRUSTED=/sbin/true
if [ -x /usr/lbin/modprpw ]
then
   modprpw 1> /dev/null 2>&1
   if [ $? -eq 2 ]
   then
      NOTTRUSTED=/sbin/false
   fi
fi

if $NOTTRUSTED
then
   print "\n This system is not a Trusted System"
   exit 1
fi

REASON[1]="past password lifetime"
REASON[2]="past last login time"
REASON[3]="past absolute account lifetime"
REASON[4]="exceeding unsuccessful login attempts"
REASON[5]="password required and a null password"
REASON[6]="admin lock"
REASON[7]="password is a *"

for USER in $(listusers | awk '{print $1}')
do
   LOCKOUT=$(getprpw -r -m lockout $USER)
   ERR=$?
   if [ $ERR != 0 ]
   then
     print "getprpw failed, error = $ERR"
     exit $ERR
   fi

# Since multiple reasons may exist in LOCKOUT, process
# each bit position separately

   if [ $LOCKOUT != "0000000" ]
   then
      print "\nUser $USER deactivated for:"
      for BIT in 1 2 3 4 5 6 7
      do
         REASONBIT=$(echo $LOCKOUT | cut -c $BIT)
         if [ $REASONBIT != 0 ]
         then
            if [ $REASONBIT = 1 ]
            then
               print "   ${REASON[$BIT]}"
            else
               print "   Bad character in lockout: $REASONBIT"
            fi
         fi
      done
   fi
done

 

 

rgs,

 

 

 

 

 

0 Kudos
Reply
jerrym
Trusted Contributor

‎09-12-2012 08:45 AM

‎09-12-2012 08:45 AM

Re: How to list disabled users on an HPUX system

raraisn, this part of your code does not make sense. I ran it on a trusted system and it gives the Usage and will be an exit code 2.

 

.

.

modprpw 1> /dev/null 2>&1
   if [ $? -eq 2 ]
   then
      NOTTRUSTED=/sbin/false
   fi
fi

if $NOTTRUSTED
then
   print "\n This system is not a Trusted System"
   exit 1
fi

.

.

0 Kudos
Reply
Bill Hassell
Honored Contributor

‎09-17-2012 06:59 AM

‎09-17-2012 06:59 AM

Re: How to list disabled users on an HPUX system

The attached script will work OK.



Bill Hassell, sysadmin
0 Kudos
Reply
jody_mckinzie
Occasional Advisor

‎11-07-2012 08:06 AM

‎11-07-2012 08:06 AM

Re: How to list disabled users on an HPUX system

Bill Was browsing and saw this...thanks a million.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.