Re: Vendor Automatic account expiration script

From: Green, Simon (Simon.Green_at_EU.ALTRIA.COM)
Date: 12/11/03

  • Next message: Provoost, Richard: "Re: Vendor Automatic account expiration script" 
    Date:         Thu, 11 Dec 2003 12:27:42 +0100
To: aix-l@Princeton.EDU

    Is there no way you can simply use the normal user characteristics? Perhaps
    maxage=2, maxexpired=0. Not quite what you're trying for, but it has a
    similar effect.

    I would recommend against putting anything in .profile. What's to stop a
    user seeing what you're doing, then just scheduling it to run once a week?

    It would be better to have it external to the user login, and not executable
    by normal users.

    I did something like this a while back, and I had a single script running
    once per day which just did "last -1 <user>" then either left the userid
    alone or locked it, depending on the outcome. (I'd give you the script, but
    it was very, very basic and didn't do any date checking: just if they'd
    logged on since wtmp was last cleared down.)

    Simon Green
    Altria ITSC Europe Ltd

    AIX-L Archive at https://new-lists.princeton.edu/listserv/aix-l.html
    <https://new-lists.princeton.edu/listserv/aix-l.html>

    AIX FAQ at http://www.faqs.org/faqs/aix-faq/
    <http://www.faqs.org/faqs/aix-faq/>

    N.B. Unsolicited email from vendors will not be appreciated.
    Please post all follow-ups to the list.

    -----Original Message-----
    From: Dearman, Richard [mailto:rdearm1@UIC.EDU]
    Sent: 10 December 2003 18:10
    To: aix-l@Princeton.EDU
    Subject: Vendor Automatic account expiration script

    Before I start working on the script I figured I would ask you guys to see
    if has already been done so I'm not re-inventing the wheel

    I want to setup my vendor accounts to automatically expire 14days after
    their login. So if they login within that 14 day period again the
    expiration would roll forward another 14 days from that login. After 14
    days of no login they would be locked out and need to manually be unlocked
    by me. I figured I would add the script to the .profile of each vendor
    account.

    Do any of you guys do anything like this now and if so could you forward me
    your script.

  • Next message: Provoost, Richard: "Re: Vendor Automatic account expiration script"

    Relevant Pages

    • Re: Hacker activity?
      ... >login to a server, most as root but some are attempts to login to ... >telnet, all come from the same remote server, and all fail. ... >getting some odd cgi calls to a script on a secure ssl server. ... Make sure root cannot login to your system via ssh. ...
      (freebsd-questions)
    • Abusing poor programming techniques in webserver scripts V 1.0
      ... $login = Request.Form ... fool the database parser. ... verified in the script of access to the database, ... The SQL statement will be parsed by the database manager, ...
      (SecProg)
    • e107 remote commands execution
      ... Login bypass / remote code execution / cross site scripting ... "e107 is a content management system written in php and using the popular ... a script byrgod at <a href="http://rgod.altervista.org " ... //so, you see, we activate public uploads and .php extensions for attachments ...
      (Bugtraq)
    • Re: Limit desktop & start menu
      ... Create a login script that runs when users log into the TS, and map the R: ... persisitent "R" drive on the server itself and that may cure it. ...
      (microsoft.public.windows.terminal_services)
    • RE: vb script called from login script exits when login script ter
      ... In Novell our login times (from the time the user types in their ... seconds with a very bare bones login script. ... that was an improvement but still not as good as our NetWare login times. ... VBScipt is terminated after the synchronous part of logon script is ...
      (microsoft.public.scripting.vbscript)