Re: Old user list

From: Chladek, Dave (Dave.Chladek_at_NHMCCD.EDU)
Date: 07/28/04

  • Next message: Naylor, Jim: "Re: F40 Service Processor ???" 
    Date:         Wed, 28 Jul 2004 14:06:17 -0500
To: aix-l@Princeton.EDU

    Here is a cool utility to convert time...

    http://www.unixreview.com/documents/s=1344/ur0307g/ur0307g_script.htm

    ... and the following is an unmodified script I picked up from
    somewhere, but I don't remember where, and between the two scripts you
    should be able to work out your question and probably one or two others
    you have not asked...

    #!/usr/bin/ksh
    #set -x

    #Try this script.
    #It will check and lock the accounts automatically for those logins that
    #have not been used to s set number of days.

    expdays=90 #<< ---- Set number of days in past here!
    let expiry=86400*$expdays
    locked=" "
    tmp1=/tmp/exp.tmp1.$$
    tmp2=/tmp/exp.tmp2.$$
    tmp2a=/tmp/exp.tmp2a.$$
    tmp3=/tmp/exp.tmp3.$$
    tmp4=/tmp/exp.tmp4.$$

    # List all users that are allowed to login
    lsuser -a login account_locked time_last_login ALL |grep -Ev
    ^"root|daemon|bin|sys|adm|nobody" | grep "login=true" > $tmp1

    # get all users who have logged in at least once with login date
    grep 'time_last_login' $tmp1 | sed -e 's/login=true //' -e
    's/account_locked=//' -e 's/time_last_login=//' >$tmp2

    # get all users who have not logged in since creation
    grep -v 'time_last_login' $tmp1 | sed -e 's/login=true //' -e
    's/account_locked=//' >$tmp2a

    # get today's date in seconds from epoch for comparison
    year=`date +%Y`
    day=`date +%j`
    hour=`date +%H`
    minute=`date +%M`

    let today="($year - 1970) * 365 * 86400 + ($day - 1) * 86400 + $hour *
    3600 + $minute * 60 + ($year - 1969) / 4 * 86400"

    # for each user found, check whether has not been unused too long
    cat $tmp2 |while read user locked last
    do
            let min=$today-$expiry
            if [[ $min -gt $last ]]
            then
                    let login="($today - $last) / 86400"
                    echo $user':'$login':'$locked >> $tmp4
                      #chuser shell='/usr/local/bin/locked'
                            #account_locked='true' $user
            fi
    done

    HTH,
    Dave Chladek

    -----Original Message-----
    From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU] On Behalf Of
    Zebrouvis, Lois
    Sent: Wednesday, July 28, 2004 1:24 PM
    To: aix-l@Princeton.EDU
    Subject: Re: Old user list

    lsuser -a time_last_login userid (or ALL)
    The time is in seconds from Jan 1st 1970

    -----Original Message-----
    From: Robert Miller [mailto:rmiller@SMUD.ORG]
    Sent: Wednesday, July 28, 2004 2:04 PM
    To: aix-l@Princeton.EDU
    Subject: Re: Old user list

    The quickest way to see when a person last logged on would be 'last -1
    <username>' - that will give you one line detailing when they last
    logged in. However, if the /var/adm/wtmp file gets truncated on a
    regular basis, say through a cron job, it's only as good as the first
    date of the wtmp file. To see the last entry (and thus the earliest
    date), use 'last | tail -1', which will just give you the last line of
    the "last" output (excuse the pun ;) )

    The wtmp file is the only place I know of that has stored login info...

    --rm

    -----Original Message-----
    From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU]On Behalf Of
    Hass, Harold
    Sent: Wednesday, July 28, 2004 10:42 AM
    To: aix-l@Princeton.EDU
    Subject: Old user list

    I'm sure it's been answered before, and probably is in the archives, but
    I can't find it!

    How can I produce a list of users that have not logged in for a period
    of time, say 8 months?

    AIX 4.3.3 - AIX 5.2

    TIA Harold Hass

  • Next message: Naylor, Jim: "Re: F40 Service Processor ???"

    Relevant Pages