HPE Community
Operating System - HP-UX
1829735 Members
1626 Online
109992 Solutions
New Discussion

User aging..

 
SOLVED
Go to solution
Roy Colica
Advisor

‎11-24-2005 09:37 PM

‎11-24-2005 09:37 PM

User aging..

All,
do you think is possible to match this requirement? If a user remains unused for 60 consecutive days it must be disabled. If no authorised request for reinstatement is received within a further 30 consecutive days the userid must be deleted.
I think the first can be done with HP-UX trusted, the second? Do you think I've to implement something or could be free?
Can you please help? Thanks.
Roy
0 Kudos
5 REPLIES 5
RAC_1
Honored Contributor

‎11-24-2005 09:46 PM

‎11-24-2005 09:46 PM

Re: User aging..

Not possible without some scripting. Even the first requirement will also require some scripts to be run and and decide user expiry and disable it. Take it further and delete it as per requirement.
There is no substitute to HARDWORK
0 Kudos
Muthukumar_5
Honored Contributor

‎11-24-2005 09:55 PM

‎11-24-2005 09:55 PM

Solution

Re: User aging..

Yes. First requirement you have to go with trusted system (If you want to have normal hp-ux manner).

Two more ways to achive first requirement:

i) last | grep 'username'
gives last successful login. Calculate day difference and remove the user.

ii) You can play with /etc/profile file to achive this as,

# mkdir /var/users/
# Edit /etc/profile as,
echo "`date +'%d %m %y'`" > /var/users/${LOGNAME}

You can compare the contents in /var/users with current date difference and remove the user account with userdel.

Second Requirement:

Use last and lastb command to achive this.

# last | grep 'username'
# lastb | grep 'username'

get the time stamp and produce the latest one in both. See the time stamp difference with current date and remove user id.

hth.

Easy to suggest when don't know about the problem!
0 Kudos
Muthukumar_5
Honored Contributor

‎11-24-2005 10:03 PM

‎11-24-2005 10:03 PM

Re: User aging..

Refer this thread:

http://forums1.itrc.hp.com/service/forums/bizsupport/questionanswer.do?threadId=855955

To get a date difference.

DAY1=$(cat /var/users/${LOGNAME}
DAY2=$(date +'%d/%m/%y')
typeset -i DIFF=$(( $(caljd.sh ${DT2} - $(caljd.sh ${DT1}) ))
if [[ ${DIFF} -gt 60 ]]
then
userdel
fi

hth.
Easy to suggest when don't know about the problem!
0 Kudos
Steven E. Protter
Exalted Contributor

‎11-24-2005 10:11 PM

‎11-24-2005 10:11 PM

Re: User aging..

Shalom Roy,

Its possible and the best way to go is trusted system. This conversion makes teh 60 day rule easy to enforce.

The second 30 day until delete is probably better done by policy. When an account becomes disabled, its status is changed and this can be accounted for.

You can build a little report with passwd -sa and probably get your user list.

Take a look at that report output and see if it might be helpful.

Surely this could be done for free, because the best solution is a scripted solution.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Roy Colica
Advisor

‎12-28-2005 04:39 AM

‎12-28-2005 04:39 AM

Re: User aging..

Thanks.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.