Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
| UNIX for Advanced & Expert Users Expert-to-Expert. Learn advanced UNIX, UNIX commands, Linux, Operating Systems, System Administration, Programming, Shell, Shell Scripts, Solaris, Linux, HP-UX, AIX, OS X, BSD. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Does Active Directory top Linux authentication options? - Search Enterprise Linux | iBot | UNIX and Linux RSS News | 0 | 11-01-2007 02:00 AM |
| Does Active Directory top Linux authentication options? - Search Enterprise Linux | iBot | UNIX and Linux RSS News | 0 | 10-29-2007 06:20 AM |
| need script for locked and unused user accounts in /export/home directory | krishna176 | SUN Solaris | 1 | 03-25-2007 02:45 PM |
| list of active and locked OS accounts | luft | UNIX for Dummies Questions & Answers | 4 | 11-03-2005 12:33 PM |
| Locked out of Mandrake 9.1 user account | alarmcall | Linux | 5 | 06-26-2004 01:38 PM |
 |
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
01-26-2004
|
||||
|
||||
How to get user status(active,locked,retired, etc) reports on Sun, HP, OSF and Linux?
We have a need to create reports on the status of users on various Unix flavors.
We would like to get a summary of how many expired, locked, disabled, active, retired and/or active/unlocked are on each system, along with total accounts. We understand that each method would be different depending on OS, security settings, NIS vs. Local, and accounting methods used. But will like to know how others are doing this? For example, using OSF/Digital Unix, one-way would be to use the tcb and edauth utility to extract some of this data on a trusted system. Are there similar methods for HP, Sun, and/or Linux? |
|
01-28-2004
|
||||
|
||||
|
My first script was written in one year ago and this script help me to check my account status in many remote systems more easy. That was my first script. Not good and just for your reference.
Requirement: 1. Get a powerful script as follow link. It is a famous script in HP forum - caljd.sh In my linux machine, I need to modify the first line from #!/usr/bin/sh to #!/bin/ksh http://forums1.itrc.hp.com/service/f...13969&ext=.txt 2. Host List File In my env, I have two files. One is called hp.list and another one is sun.list. List format: host1 host2 host3 . . One host in one line 3. My stupid script. This script is running in linux machine but no checking on it. Because in my env, Sun server and HP server are most important. About the usage: see my script introduction. Code:
#!/bin/ksh
##### Introduction #####
##
## This script is used for checking user login expiry date
## Get the password control files from remote according a host list
##### Requirement #####
##
## Root user can run this script only
## The following files should be existing in same directory
##
## chkpass.sh : Main Script - FTP file from remote hosts
## According different platform then has
## different formula.
##
## caljd.sh : Assistant Script - Source from public
## For calculating and converting date format.
##
## sun.list : host list of SUN platform that you wanted for checking,
## one row contains one hostname only
##
## hp.list : host list of HP platform that you wanted for checking,
## one row contains one hostname only
##### Usage #####
##
## Step 1) chkpass.sh [username] - Start to check the specified user
##
## Step 2) Login name & password - For ftp file transferring.
## (Root Privilege Account only)
## Result will be shown on screen and will be re-directed to a log also
##
trap 'print "Cancel the checking\n" ; exit 1' 2 3 9 15
USERNAME=$1
##### Check option, if no option then the default is current user #####
if [[ $# != 1 ]];
then
print "Check who?"
print "Usage: chkpass.sh [username]\n"
exit 1
else
CHKWHO=$USERNAME
fi
WORKPATH="$PWD"
SUNLIST="$WORKPATH/sun.list"
HPLIST="$WORKPATH/hp.list"
CHKLOG="$WORKPATH/${USERNAME}.result.log"
GET_UID=`id | awk -F"(" '{print$1}'`
UID=${GET_UID#*=}
if [[ ! $UID -eq 0 ]];
then
print
print "Pls. note that you need to provide"
print "root login and password for the script"
print
fi
if [[ -a $CHKLOG ]];
then
mv $CHKLOG ${CHKLOG}.old
fi
function code {
if grep -q -i "Not Connected" $FTPLOG;
then
print "\033[30;43m ${HOST}: \033[0m FTP connection failed\n" | tee -a $CHKLOG
elif grep -q -i "Login incorrect" $FTPLOG;
then
print "\033[30;43m ${HOST}: \033[0m Connection Failed. Incorrect login or password\n" | tee -a $CHKLOG
elif grep -q -i "No such file" $FTPLOG;
then
print "\033[30;43m ${HOST}: \033[0m Checking failed and it caused by one of following situations." | tee -a $CHKLOG
print "\033[30;43m ${HOST}: \033[0m 1. Make sure the existence of $CHKWHO in $HOST." | tee -a $CHKLOG
print "\033[30;43m ${HOST}: \033[0m 2. It doesn't a trusted system. No password setting for $CHKWHO.\n" | tee -a $CHKLOG
fi
}
if [[ ! -a $SUNLIST || ! -a $HPLIST ]];
then
print
print 'File Missing: "sun.list" & "hp.list"'
printf '%s\n%s\n%s\n%s\n\n' '#Example Content' host1 host2 host3
exit 1
fi
cat $SUNLIST $HPLIST > $WORKPATH/all.list
ALL_LIST="$WORKPATH/all.list"
print "Start to collect records from remote hosts"
read ftp_name?"Enter User Name: "
stty -echo
read ftp_pass?"Enter Password: "
stty echo
print
print
for list in `grep -v '#' $ALL_LIST`
do
HOST=$list
USER=$ftp_name
PASS=$ftp_pass
########################
##### SUN PLATFORM #####
########################
##### if - 1 #####
if grep -q $HOST $SUNLIST;
then
#This log is used for function "code"
FTPLOG="$WORKPATH/sunftp.log"
ftp -ivn << EOF > $FTPLOG 2>&1
open $HOST
user $USER $PASS
asc
cd /etc
get shadow
bye
EOF
##### if - 2 #####
if [[ -a $WORKPATH/shadow ]];
then
mv $WORKPATH/shadow $WORKPATH/${HOST}.shadow
##### if - 3 #####
if grep -q -w $CHKWHO $WORKPATH/${HOST}.shadow ;
then
typeset -i SEC_FR_70S DAY_FR_70S LAST_CHANGE LAST_CHANGE_SEC REMAINS
SEC_FR_70S=$(date +%s)
DAY_FR_70S=$((SEC_FR_70S/60/60/24))
LAST_CHANGE=$(awk -F: '/^'$CHKWHO':/ {print$3}' $WORKPATH/${HOST}.shadow)
ACC_PERIOD=$(awk -F: '/^'$CHKWHO':/ {print$5}' $WORKPATH/${HOST}.shadow)
((EXPIRATION=LAST_CHANGE+ACC_PERIOD))
((REMAINS=EXPIRATION-DAY_FR_70S))
##### if - 4 #####
if [[ $LAST_CHANGE = 0 || $ACC_PERIOD = 0 ]] || [[ -z $LAST_CHANGE || -z $ACC_PERIOD ]];
then
print "\033[37;42m ${HOST}: \033[0m No expiration date setting for $CHKWHO\n" | tee -a $CHKLOG
elif [[ $EXPIRATION -lt $DAY_FR_70S ]];
then
print "\033[37;41m ${HOST}: \033[0m $CHKWHO already expired\n" | tee -a $CHKLOG
else
EXP_JUL=$($WORKPATH/caljd.sh -n $REMAINS)
EXP_HUM=$($WORKPATH/caljd.sh $EXP_JUL)
MONTH=${EXP_HUM%% *}
DAY=$(echo $EXP_HUM | awk '{print$2}')
YEAR=${EXP_HUM##* }
print "\033[37;42m ${HOST}: \033[0m $CHKWHO will expire after $REMAINS days" | tee -a $CHKLOG
printf "%s\t%s/%s/%s\t%s\n\n" "EXPIRATION DATE:" $DAY $MONTH $YEAR "(DD/MM/YYYY)" | tee -a $CHKLOG
fi
##### if - 4 end #####
else
print "\033[30;43m ${HOST}: \033[0m $CHKWHO was not found\n" | tee -a $CHKLOG
fi
##### if - 3 end #####
rm $WORKPATH/${HOST}.shadow
else
code
fi
##### if - 2 end #####
rm $FTPLOG
else
#######################
##### HP PLATFORM #####
#######################
PREFIX=$(print $CHKWHO | cut -c 1)
#This log is used for function "code"
FTPLOG="$WORKPATH/hpftp.log"
ftp -ivn << EOF > $FTPLOG 2>&1
open $HOST
user $USER $PASS
asc
cd /tcb/files/auth/$PREFIX
get $CHKWHO
bye
EOF
##### if - 5 #####
if [[ -a $WORKPATH/$CHKWHO ]];
then
mv $WORKPATH/$CHKWHO $WORKPATH/${HOST}.${CHKWHO}
typeset -i SEC_FR_70S DAY_FR_70S CHG_DATE ACC_DATE EXPIRATION REMAINS
SEC_FR_70S=$(date +%s)
SUC_CHG=$(awk -F"u_succhg#" '/u_succhg/ {print$2}' $WORKPATH/${HOST}.${CHKWHO})
CHG_DATE=${SUC_CHG%%:*}
ACC_PERIOD=$(awk -F"u_exp#" '/u_exp/ {print$2}' $WORKPATH/${HOST}.${CHKWHO})
ACC_DATE=${ACC_PERIOD%%:*\\}
((EXPIRATION=CHG_DATE+ACC_DATE))
((REMAINS=EXPIRATION-SEC_FR_70S))
CHG_TO_DAY=$((REMAINS/60/60/24))
##### if - 6 #####
if [[ $CHG_DATE = 0 || $ACC_DATE = 0 ]] || [[ -z $CHG_DATE || -z $ACC_DATE ]] ;
then
print "\033[37;42m ${HOST}: \033[0m No expiration date setting for $CHKWHO\n" | tee -a $CHKLOG
elif [[ $EXPIRATION -lt $SEC_FR_70S ]];
then
print "\033[37;41m ${HOST}: \033[0m $CHKWHO already expired\n" | tee -a $CHKLOG
else
EXP_JUL=$($WORKPATH/caljd.sh -n $CHG_TO_DAY)
EXP_HUM=$($WORKPATH/caljd.sh $EXP_JUL)
MONTH=${EXP_HUM%% *}
DAY=$(echo $EXP_HUM | awk '{print$2}')
YEAR=${EXP_HUM##* }
print "\033[37;42m ${HOST}: \033[0m $CHKWHO will expire after $CHG_TO_DAY" days | tee -a $CHKLOG
printf "%s\t%s/%s/%s\t%s\n\n" "EXPIRATION DATE:" $DAY $MONTH $YEAR "(DD/MM/YYYY)" | tee -a $CHKLOG
fi
##### if - 6 end #####
rm $WORKPATH/${HOST}.${CHKWHO}
else
code
fi
##### if - 5 end #####
rm $FTPLOG
fi
##### if - 1 end #####
done
rm $ALL_LIST
print "Checking completed" | tee -a $CHKLOG
Last edited by Optimus_P; 01-28-2004 at 10:58 AM.. |
|
01-28-2004
|
||||
|
||||
|
My first script was written in one year ago and this script help me to check my account status in many remote systems more easy. That was my first script. Not good and just for your reference.
Requirement: 1. Get a powerful script as follow link. It is a famous script in HP forum - caljd.sh In my linux machine, I need to modify the first line from #!/usr/bin/sh to #!/bin/ksh http://forums1.itrc.hp.com/service/f...13969&ext=.txt 2. Host List File In my env, I have two files. One is called hp.list and another one is sun.list. List format: host1 host2 host3 . . One host in one line 3. My stupid script. This script is running in linux machine but no checking on it. Because in my env, Sun server and HP server are most important. About the usage: see my script introduction. Code:
#!/bin/ksh
##### Introduction #####
##
## This script is used for checking user login expiry date
## Get the password control files from remote according a host list
##### Requirement #####
##
## Root user can run this script only
## The following files should be existing in same directory
##
## chkpass.sh : Main Script - FTP file from remote hosts
## According different platform then has
## different formula.
##
## caljd.sh : Assistant Script - Source from public
## For calculating and converting date format.
##
## sun.list : host list of SUN platform that you wanted for checking,
## one row contains one hostname only
##
## hp.list : host list of HP platform that you wanted for checking,
## one row contains one hostname only
##### Usage #####
##
## Step 1) chkpass.sh [username] - Start to check the specified user
##
## Step 2) Login name & password - For ftp file transferring.
## (Root Privilege Account only)
## Result will be shown on screen and will be re-directed to a log also
##
trap 'print "Cancel the checking\n" ; exit 1' 2 3 9 15
USERNAME=$1
##### Check option, if no option then the default is current user #####
if [[ $# != 1 ]];
then
print "Check who?"
print "Usage: chkpass.sh [username]\n"
exit 1
else
CHKWHO=$USERNAME
fi
WORKPATH="$PWD"
SUNLIST="$WORKPATH/sun.list"
HPLIST="$WORKPATH/hp.list"
CHKLOG="$WORKPATH/${USERNAME}.result.log"
GET_UID=`id | awk -F"(" '{print$1}'`
UID=${GET_UID#*=}
if [[ ! $UID -eq 0 ]];
then
print
print "Pls. note that you need to provide"
print "root login and password for the script"
print
fi
if [[ -a $CHKLOG ]];
then
mv $CHKLOG ${CHKLOG}.old
fi
function code {
if grep -q -i "Not Connected" $FTPLOG;
then
print "\033[30;43m ${HOST}: \033[0m FTP connection failed\n" | tee -a $CHKLOG
elif grep -q -i "Login incorrect" $FTPLOG;
then
print "\033[30;43m ${HOST}: \033[0m Connection Failed. Incorrect login or password\n" | tee -a $CHKLOG
elif grep -q -i "No such file" $FTPLOG;
then
print "\033[30;43m ${HOST}: \033[0m Checking failed and it caused by one of following situations." | tee -a $CHKLOG
print "\033[30;43m ${HOST}: \033[0m 1. Make sure the existence of $CHKWHO in $HOST." | tee -a $CHKLOG
print "\033[30;43m ${HOST}: \033[0m 2. It doesn't a trusted system. No password setting for $CHKWHO.\n" | tee -a $CHKLOG
fi
}
if [[ ! -a $SUNLIST || ! -a $HPLIST ]];
then
print
print 'File Missing: "sun.list" & "hp.list"'
printf '%s\n%s\n%s\n%s\n\n' '#Example Content' host1 host2 host3
exit 1
fi
cat $SUNLIST $HPLIST > $WORKPATH/all.list
ALL_LIST="$WORKPATH/all.list"
print "Start to collect records from remote hosts"
read ftp_name?"Enter User Name: "
stty -echo
read ftp_pass?"Enter Password: "
stty echo
print
print
for list in `grep -v '#' $ALL_LIST`
do
HOST=$list
USER=$ftp_name
PASS=$ftp_pass
########################
##### SUN PLATFORM #####
########################
##### if - 1 #####
if grep -q $HOST $SUNLIST;
then
#This log is used for function "code"
FTPLOG="$WORKPATH/sunftp.log"
ftp -ivn << EOF > $FTPLOG 2>&1
open $HOST
user $USER $PASS
asc
cd /etc
get shadow
bye
EOF
##### if - 2 #####
if [[ -a $WORKPATH/shadow ]];
then
mv $WORKPATH/shadow $WORKPATH/${HOST}.shadow
##### if - 3 #####
if grep -q -w $CHKWHO $WORKPATH/${HOST}.shadow ;
then
typeset -i SEC_FR_70S DAY_FR_70S LAST_CHANGE LAST_CHANGE_SEC REMAINS
SEC_FR_70S=$(date +%s)
DAY_FR_70S=$((SEC_FR_70S/60/60/24))
LAST_CHANGE=$(awk -F: '/^'$CHKWHO':/ {print$3}' $WORKPATH/${HOST}.shadow)
ACC_PERIOD=$(awk -F: '/^'$CHKWHO':/ {print$5}' $WORKPATH/${HOST}.shadow)
((EXPIRATION=LAST_CHANGE+ACC_PERIOD))
((REMAINS=EXPIRATION-DAY_FR_70S))
##### if - 4 #####
if [[ $LAST_CHANGE = 0 || $ACC_PERIOD = 0 ]] || [[ -z $LAST_CHANGE || -z $ACC_PERIOD ]];
then
print "\033[37;42m ${HOST}: \033[0m No expiration date setting for $CHKWHO\n" | tee -a $CHKLOG
elif [[ $EXPIRATION -lt $DAY_FR_70S ]];
then
print "\033[37;41m ${HOST}: \033[0m $CHKWHO already expired\n" | tee -a $CHKLOG
else
EXP_JUL=$($WORKPATH/caljd.sh -n $REMAINS)
EXP_HUM=$($WORKPATH/caljd.sh $EXP_JUL)
MONTH=${EXP_HUM%% *}
DAY=$(echo $EXP_HUM | awk '{print$2}')
YEAR=${EXP_HUM##* }
print "\033[37;42m ${HOST}: \033[0m $CHKWHO will expire after $REMAINS days" | tee -a $CHKLOG
printf "%s\t%s/%s/%s\t%s\n\n" "EXPIRATION DATE:" $DAY $MONTH $YEAR "(DD/MM/YYYY)" | tee -a $CHKLOG
fi
##### if - 4 end #####
else
print "\033[30;43m ${HOST}: \033[0m $CHKWHO was not found\n" | tee -a $CHKLOG
fi
##### if - 3 end #####
rm $WORKPATH/${HOST}.shadow
else
code
fi
##### if - 2 end #####
rm $FTPLOG
else
#######################
##### HP PLATFORM #####
#######################
PREFIX=$(print $CHKWHO | cut -c 1)
#This log is used for function "code"
FTPLOG="$WORKPATH/hpftp.log"
ftp -ivn << EOF > $FTPLOG 2>&1
open $HOST
user $USER $PASS
asc
cd /tcb/files/auth/$PREFIX
get $CHKWHO
bye
EOF
##### if - 5 #####
if [[ -a $WORKPATH/$CHKWHO ]];
then
mv $WORKPATH/$CHKWHO $WORKPATH/${HOST}.${CHKWHO}
typeset -i SEC_FR_70S DAY_FR_70S CHG_DATE ACC_DATE EXPIRATION REMAINS
SEC_FR_70S=$(date +%s)
SUC_CHG=$(awk -F"u_succhg#" '/u_succhg/ {print$2}' $WORKPATH/${HOST}.${CHKWHO})
CHG_DATE=${SUC_CHG%%:*}
ACC_PERIOD=$(awk -F"u_exp#" '/u_exp/ {print$2}' $WORKPATH/${HOST}.${CHKWHO})
ACC_DATE=${ACC_PERIOD%%:*\\}
((EXPIRATION=CHG_DATE+ACC_DATE))
((REMAINS=EXPIRATION-SEC_FR_70S))
CHG_TO_DAY=$((REMAINS/60/60/24))
##### if - 6 #####
if [[ $CHG_DATE = 0 || $ACC_DATE = 0 ]] || [[ -z $CHG_DATE || -z $ACC_DATE ]] ;
then
print "\033[37;42m ${HOST}: \033[0m No expiration date setting for $CHKWHO\n" | tee -a $CHKLOG
elif [[ $EXPIRATION -lt $SEC_FR_70S ]];
then
print "\033[37;41m ${HOST}: \033[0m $CHKWHO already expired\n" | tee -a $CHKLOG
else
EXP_JUL=$($WORKPATH/caljd.sh -n $CHG_TO_DAY)
EXP_HUM=$($WORKPATH/caljd.sh $EXP_JUL)
MONTH=${EXP_HUM%% *}
DAY=$(echo $EXP_HUM | awk '{print$2}')
YEAR=${EXP_HUM##* }
print "\033[37;42m ${HOST}: \033[0m $CHKWHO will expire after $CHG_TO_DAY" days | tee -a $CHKLOG
printf "%s\t%s/%s/%s\t%s\n\n" "EXPIRATION DATE:" $DAY $MONTH $YEAR "(DD/MM/YYYY)" | tee -a $CHKLOG
fi
##### if - 6 end #####
rm $WORKPATH/${HOST}.${CHKWHO}
else
code
fi
##### if - 5 end #####
rm $FTPLOG
fi
##### if - 1 end #####
done
rm $ALL_LIST
print "Checking completed" | tee -a $CHKLOG
Last edited by Optimus_P; 01-28-2004 at 10:58 AM.. |
|
01-28-2004
|
||||
|
||||
|
use code tags please. \[code\]
|
| Sponsored Links | ||
|
|
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Linear Mode
