Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Clearing down old and dormant UNIX accounts
Top Forums UNIX for Advanced & Expert Users Clearing down old and dormant UNIX accounts Post 302183059 by Frankie123 on Tuesday 8th of April 2008 06:56:28 AM
Old 04-08-2008
Clearing down old and dormant UNIX accounts
Hi Guys,

First of all apologies if this is in the wrong topic.

I have been given a task of coming up with an approach to identify unix accounts that are no longer in use by the user and applications, and need some ideas to of how to go about this.

These accounts application accounts that can be used by a number of different people via the key logging app powerbroker. I.e every user is null password, login is done via SSH.

Another thing to mention is that we may have accounts on the machine that may not ever be logged on to but may have monthly batch jobs that run automatically and should not be removed.

So I suppose the thing I am getting at is; is there any way to tell easily if an account has been dormant for more than 1 month, (no logins, or processes).

Hopefully I've explained enough, if you have any questions please let me know.

Thanks in advance.

Frank
 

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Deleting some mails from Unix mail accounts

Hi there, Is there a way to delete some messages from the mail account on a Unix machine via a script?. Regards (0 Replies)
Discussion started by: JimJim
0 Replies

2. UNIX for Dummies Questions & Answers

I am not able to send mail form unix to other mail accounts.

Using Mailx command i.e mailx -s "subject" chinni@hotmail.com < \tmp\chin this command executed sucessfully but not able to receive the mail in chinni@hotmail.com please help. (1 Reply)
Discussion started by: chinnigd
1 Replies

3. UNIX for Dummies Questions & Answers

default unix accounts

Hi, Can someone tell me what the default unix accounts are? And what is the default unix admin pwd? Thanks!! (1 Reply)
Discussion started by: kandy19
1 Replies

4. UNIX for Dummies Questions & Answers

System list of all UNIX login accounts

What is the command to list all UNIX system login accounts? What is the command to list all system password parameters for UNIX(minimum length, complexity,age, invalid lockout attempts, expiration date , user inactivity lockout) (1 Reply)
Discussion started by: ma466
1 Replies

5. Shell Programming and Scripting

New To UNIX - Need Script to create report of user & group accounts

Hi, I'm new to the world of UNIX and have been asked to create a complex script (at least complex to me:confused:) for AIX UNIX to create a report of all the users on the server including server, user, UID, groups, GID, etc. Found a script using lsuser, but the output is still lacking. 2 things I... (2 Replies)
Discussion started by: panthur
2 Replies

6. Shell Programming and Scripting

How to change passwords for User accounts on multiple UNIX/Linux machines remotely?

Hello Experts, Need some direction on creating shell script for following environment: We have about 20 people in the team working as Oracle DBA's (sysdba's and appdba's). Total Servers which is a mix of Unix and Linux are 200. We do not have Root user access on any of the servers and... (3 Replies)
Discussion started by: sha2402
3 Replies

7. UNIX for Advanced & Expert Users

How can I send a mail from my outlook or other mail accounts to UNIX server?

Hi all, I want to send a mail for my business needs from outlook account to an unix server (HP-UX) but I don't send any mail. While I can send from the unix server to my outlook account, I can't send from outlook to unix. How can I achieve this ? How can I send a mail from my outlook or other... (2 Replies)
Discussion started by: igelegin
2 Replies

8. UNIX for Advanced & Expert Users

UNIX keytab file and service accounts

we are using kerberos authentication for the Oracle database. For automation jobs we are adding service accounts to keytab. does anybody using Kerberos authentication for jobs running through CORN ? if so , how you are getting passwords for service accounts ? if anyone has ideas please share. ... (0 Replies)
Discussion started by: talashil
0 Replies

LEARN ABOUT DEBIAN

sync-accounts

SYNC-ACCOUNTS(8)						 chiark utilities						  SYNC-ACCOUNTS(8)

NAME

       sync-accounts - synchronise accounts and passwords

SYNOPSIS

       sync-accounts [options] [source ...]

DESCRIPTION

       sync-accounts  is  a  tool  for copying account information into the local system's password and group databases, or equivalent, from other
       systems.  It can be used to slave individual accounts, whole systems, or various partial combinations.

       By default, when invoked, sync-accounts reads is configuration file and updates all of the local details it is configured  to  synchronise,
       from all relevant sources.

       If one or more sources are named as command-line arguments, only information from those sources is installed locally.

       See sync-accounts(5) for detailed information about sync-accounts's behaviour and configuration.

OPTIONS

       -Cconfig-file
	      Reads config-file instead of /etc/sync-accounts.

       -q     Instead of updating local information, sync-accounts displays a summary of which accounts are synchronised or not, and from where.

       -n     Causes  sync-accounts  not to actually install the new information in the local password and group databases.  Instead, updated ver-
	      sions are written to the files passwd and group in the current directory.  With -n new accounts are not created at all.  The  system
	      databases are not locked.

SECURITY

       sync-accounts is not resistant to malicious data in the local password and group databases, or its configuration file or command line argu-
       ments.

       Malicious data in source information will not be able to take control of sync-accounts, but will be copied to the local databases if  sync-
       accounts is configured to do so.

       To update the local databases, sync-accounts must be run as root.  For -q and -n sync-accounts still needs to be able to successfuly invoke
       the commands specified in the configuration for getpasswd and getgroup.

EXIT STATUS

       0      All went well and there were no warnings.

       any other
	      There were problems.  The local databases may or may not have been updated.

FILES

       /etc/sync-accounts
	      Default configuration file.  (Override with -C.)

       sync-accounts-createuser
	      Default command invoked by sync-accounts to create local users.

       /home  Default location for created users' home directories.

       /bin/sh
	      Default shell for created users.

       /etc/passwd, /etc/group, /etc/shadow, /etc/master.passwd
	      Local account databases, depending on configuration.

       /etc/shadow-non-existent
	      Must not exist.

ENVIRONMENT

       EDITOR, VISUAL
	      Manipulated by sync-ccounts when it is reinvoking itself via vipw or vigr, according to lockpasswd runvia or lockgroup runvia.

       SYNC_ACCOUNTS_*
	      Used by sync-accounts for its own purposes.  Do not set these variables.

       Setting variables used by vipw(8) and vigr(8), apart from EDITOR and/orVISUAL will affect the operation of  sync-accounts.   Avoid  messing
       with these if possible.

       PATH is used to find subprograms such as sync-accounts-createuser and vipw/vigr.

BUGS

       Using sync-accounts does not give particularly prompt propagation of changed account information.

       There  is no simple mechanism for automatically getting the right configuration details for accessing the local system's password and group
       databases.

       All the systems sharing account information using sync-accounts need to be using compatible encrypted-password schemes.

AUTHOR

       sync-accounts and this manpage are part of the sync-accounts package which was written by Ian Jackson  <ian@chiark.greenend.org.uk>.   They
       are Copyright 1999-2000,2002 Ian Jackson <ian@davenant.greenend.org.uk>, and Copyright 2000-2001 nCipher Corporation Ltd.

       The  sync-accounts  package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as
       published by the Free Software Foundation; either version 3, or (at your option) any later version.

       This is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY	or
       FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

       You  should  have received a copy of the GNU General Public License along with this program; if not, consult the Free Software Foundation's
       website at www.fsf.org, or the GNU Project website at www.gnu.org.

SEE ALSO

       sync-accounts(5), grab-account(8), sync-accounts-createuser(8), passwd(5), group(5), shadow(5), master.passwd(5), vipw(8), vigr(8)

Greenend							  14th July 2002						  SYNC-ACCOUNTS(8)
All times are GMT -4. The time now is 07:51 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy