scott vick
Advisor

Trusted systems and expired accounts...

I have several trusted systems with an enormous number of user accounts per server. I'm trying to figure out a way to delete accounts that have been locked and unused for a certain period of time (e.g. 120 days). Does anybody know how to extract the # of days since an account was used or the number of days since an account was locked? Any help would be appreciated.
Too ugly to live, too weird to die, too stupid to know the difference.
4 REPLIES
Helen French
Honored Contributor

Re: Trusted systems and expired accounts...

Hi,

Use the 'last' command to find out the last successful logins of the users. This command takes input from the /var/adm/wtmp file.

You can either sort the output or grep for a specific date. Normally if auditing is enabled on the system, then you can check the file /var/adm/acct/sum/loginlog.

See also man page of last

HTH,
Shiju
Life is a promise, fulfill it!
Conal O'Kelly
Advisor

Re: Trusted systems and expired accounts...

Hi
Try using the /usr/lbin/getprpw command. This extracts a lot of info from the trusted database. One parameter is "slogint", which shows the last successful login.
You could write a script to extract this info for each user.

Cheers
Con
steven Burgess_2
Honored Contributor

Re: Trusted systems and expired accounts...

Hi

There is a file called /var/adm/wtmp which holds this type of information.

If you do a
#last > /tmp/users

Then grep the id from that file; it will tell you when they were last logged on.

The wtmp file does grow, so it may be housekept on some systems. Depending on this file, it will determine how far back you can see when users were last logged on.

That is of course whether you know the user IDs.

You can set the expiry time of new users using the SAM menus

or via the command line

useradd -f 100, will expire a user's passwd in 100 days if inactive for that period

or usermod for an existing user

If you assign a -1 value, the option is turned off.

You can expire an account on a specific day, for example on the 29th Jan 2002, using

usermod -e 29/1/02

take your time and think things through
scott vick
Advisor

Re: Trusted systems and expired accounts...

I've already written a script that pulls the info for slogint from getprpw. I now need to know how to calculate back 6 months and delete any account that has not been accessed during the time frame.
Too ugly to live, too weird to die, too stupid to know the difference.
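
The cutoff calculation asked about in the last post, as an added example that is not part of the original thread: it reads "user slogint" lines and reports the accounts idle longer than a given number of days, so the list can be reviewed before anything is removed. The input layout, the ctime-style date string, the -1 marker for "never logged in", and the names stale_accounts and sample_input are assumptions; check them against what getprpw actually prints on your systems.

```shell
#!/bin/sh
# Added example: report accounts whose last successful login is older than
# a cutoff. It only lists candidates; removal stays a separate, reviewed step.
# Assumed input, one account per line: "<user> <slogint value>", where the
# value is a ctime-style string ("Mon Jan 14 10:22:33 2002") or -1.

# Usage: stale_accounts MAX_IDLE_DAYS TODAY(YYYY-MM-DD) < list
stale_accounts() {
    awk -v max="$1" -v today="$2" '
    # Days since 1970-01-01 for a Gregorian date (no external date tool needed).
    function days(y, m, d,    era, yoe, doy) {
        if (m <= 2) y--
        era = int(y / 400)
        yoe = y - era * 400
        doy = int((153 * (m + (m > 2 ? -3 : 9)) + 2) / 5) + d - 1
        return era * 146097 + yoe * 365 + int(yoe / 4) - int(yoe / 100) + doy - 719468
    }
    BEGIN {
        split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", n, " ")
        for (i = 1; i <= 12; i++) mon[n[i]] = i
        split(today, t, "-")
        now = days(t[1], t[2], t[3])
    }
    # Account that has never logged in: always report it.
    $2 == "-1" { print $1, "never"; next }
    # user, weekday, month, day, time, year
    NF == 6 && ($3 in mon) {
        idle = now - days($6, mon[$3], $4)
        if (idle > max) print $1, idle
        next
    }
    # Anything else is flagged rather than silently passed over.
    { print $1, "unparsed" }
    '
}

# Constructed sample data, not taken from any real system.
sample_input() {
    cat <<EOF
alice Mon Jan 14 10:22:33 2002
bob Sat Jun  2 08:00:00 2001
carol -1
EOF
}

# Report accounts idle for more than 120 days as of 29 Jan 2002.
sample_input | stale_accounts 120 2002-01-29
```

Each output line is the account name followed by its idle time in days, "never", or "unparsed".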