HPE Community
Operating System - HP-UX
1833873 Members
1886 Online
110063 Solutions
New Discussion

Re: User Add/Delete Date

 
Nellian Solaiappan
Frequent Advisor

‎01-26-2005 08:58 AM

‎01-26-2005 08:58 AM

User Add/Delete Date

Hi
My production server is running HP-UX 11.0 in a trusted server mode. I need to get the dates in which the exisiting users were created. Also, I need to get the list of users which were removed from the system and date of deletion.
I have been trying to look into samlog and all .sh_hist_dir logs but these are of very little use.
Is there any way to get what I want?

Regards
Nell
0 Kudos
6 REPLIES 6
Patrick Wallek
Honored Contributor

‎01-26-2005 09:03 AM

‎01-26-2005 09:03 AM

Re: User Add/Delete Date

There is no way that I can think of to get the information you need.

samlog is a good idea, but if the users weren't created or deleted with SAM then you're out of luck.

You **MIGHT** be able to get a creation date by looking at the date stamp on the users .profile file or something. But that would change if the file has ever been modified, so there is no guarantee that that will be correct.

I know of no way to get the date a user was deleted.
0 Kudos
A. Clay Stephenson
Acclaimed Contributor

‎01-26-2005 09:08 AM

‎01-26-2005 09:08 AM

Re: User Add/Delete Date

Because of the number of ways these tasks could be done (some might leave traces and others would not) is legion there is really no way to do what you want after the fact. About as close as you are going to get is the ctime value for the users entry in /tcb/files/auth/x/xuser --- but that is really not a reliable method because the ctime would change anytime did a chmod, for example, on the file.

You really have to handle all this logging yourself (via scripts) and then force your admins to use exactly one method to add and remove users.
If it ain't broke, I can fix that.
0 Kudos
Steven E. Protter
Exalted Contributor

‎01-26-2005 10:38 AM

‎01-26-2005 10:38 AM

Re: User Add/Delete Date

Our user add process, which was written by an outside consulting before I knew Unix(enhanced several times by me) logs user create times in a file.

As A. Clay notes, our operations department is required to use this program. Only systems administration is allowed to add users on the command line.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Nguyen Anh Tien
Honored Contributor

‎01-26-2005 02:13 PM

‎01-26-2005 02:13 PM

Re: User Add/Delete Date

As i know. native HP_UX does not support this feature. You can change userdel to other name and write onother userdel script. in this script you log all action.
I recommand you use Security SW such as Etrust Access Control
refer to this web for more:
http://www3.ca.com/Solutions/Product.asp?ID=154
HP is simple
0 Kudos
Ravi_8
Honored Contributor

‎01-26-2005 04:20 PM

‎01-26-2005 04:20 PM

Re: User Add/Delete Date

Hi,

No way you can get this info
never give up
0 Kudos
Nellian Solaiappan
Frequent Advisor

‎01-27-2005 07:30 AM

‎01-27-2005 07:30 AM

Re: User Add/Delete Date

Thanks guys
For all your suggestions. Since we are creating and deleting users to Tivoli Identity manager, I need to hide the useradd/userdel commands and replace them with scripts that would inturn call the useradd/userdel commands respectively and log addition or deletion into a file.

Regards
Nell
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.