04-08-2008
Clearing down old and dormant UNIX accounts
Hi Guys,
First of all apologies if this is in the wrong topic.
I have been given a task of coming up with an approach to identify unix accounts that are no longer in use by the user and applications, and need some ideas to of how to go about this.
These accounts application accounts that can be used by a number of different people via the key logging app powerbroker. I.e every user is null password, login is done via SSH.
Another thing to mention is that we may have accounts on the machine that may not ever be logged on to but may have monthly batch jobs that run automatically and should not be removed.
So I suppose the thing I am getting at is; is there any way to tell easily if an account has been dormant for more than 1 month, (no logins, or processes).
Hopefully I've explained enough, if you have any questions please let me know.
Thanks in advance.
Frank
8 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi there,
Is there a way to delete some messages from the mail account on a Unix machine via a script?.
Regards (0 Replies)
Discussion started by: JimJim
0 Replies
2. UNIX for Dummies Questions & Answers
Using Mailx command i.e
mailx -s "subject" chinni@hotmail.com < \tmp\chin
this command executed sucessfully but not able to receive the mail in chinni@hotmail.com
please help. (1 Reply)
Discussion started by: chinnigd
1 Replies
3. UNIX for Dummies Questions & Answers
Hi, Can someone tell me what the default unix accounts are? And what is the default unix admin pwd? Thanks!! (1 Reply)
Discussion started by: kandy19
1 Replies
4. UNIX for Dummies Questions & Answers
What is the command to list all UNIX system login accounts?
What is the command to list all system password parameters for UNIX(minimum length, complexity,age, invalid lockout attempts, expiration date , user inactivity lockout) (1 Reply)
Discussion started by: ma466
1 Replies
5. Shell Programming and Scripting
Hi, I'm new to the world of UNIX and have been asked to create a complex script (at least complex to me:confused:) for AIX UNIX to create a report of all the users on the server including server, user, UID, groups, GID, etc.
Found a script using lsuser, but the output is still lacking. 2 things I... (2 Replies)
Discussion started by: panthur
2 Replies
6. Shell Programming and Scripting
Hello Experts,
Need some direction on creating shell script for following environment:
We have about 20 people in the team working as Oracle DBA's (sysdba's and appdba's). Total Servers which is a mix of Unix and Linux are 200. We do not have Root user access on any of the servers and... (3 Replies)
Discussion started by: sha2402
3 Replies
7. UNIX for Advanced & Expert Users
Hi all,
I want to send a mail for my business needs from outlook account to an unix server (HP-UX) but I don't send any mail. While I can send from the unix server to my outlook account, I can't send from outlook to unix.
How can I achieve this ? How can I send a mail from my outlook or other... (2 Replies)
Discussion started by: igelegin
2 Replies
8. UNIX for Advanced & Expert Users
we are using kerberos authentication for the Oracle database. For automation jobs we are adding service accounts to keytab. does anybody using Kerberos authentication for jobs running through CORN ? if so , how you are getting passwords for service accounts ? if anyone has ideas please share.
... (0 Replies)
Discussion started by: talashil
0 Replies
LEARN ABOUT DEBIAN
lppasswd
lppasswd(1) Apple Inc. lppasswd(1)
NAME
lppasswd - add, change, or delete digest passwords.
SYNOPSIS
lppasswd [ username ]
lppasswd -a [ -g groupname ] username
lppasswd -x username
DESCRIPTION
lppasswd adds, changes, or deletes passwords in the CUPS digest password file, passwd.md5. When run by a normal user, lppasswd will prompt
for the old and new passwords. When run by the super-user, lppasswd can add new accounts (-a username), change existing accounts (user-
name), or delete accounts (-x username) in the digest password file. Digest usernames do not have to match local UNIX usernames.
OPTIONS
lppasswd supports the following options:
-g groupname
Specifies a group other than the default system group.
SECURITY ISSUES
By default, the lppasswd program is not installed to allow ordinary users to change their passwords. To enable this, the lppasswd command
must be made setuid to root with the command:
chmod u+s lppasswd
While every attempt has been made to make lppasswd secure against exploits that could grant super-user privileges to unprivileged users,
paranoid system administrators may wish to use Basic authentication with accounts managed by PAM instead.
SEE ALSO
lp(1), lpr(1),
http://localhost:631/help
COPYRIGHT
Copyright 2007-2011 by Apple Inc.
22 February 2008 CUPS lppasswd(1)