01-17-2003
C2 or enhanced security
We are using c2 / enhanced security on digital unix.
I do not have access to the GUI.
I need to get information on login status for users. Specifically I would like to know who has not logged in within the last 6 months.
I think I can query the edauth files, but I can't find information on what codes to look for and what they mean as far as status.
Anyone know?
thanks
7 More Discussions You Might Find Interesting
1. Solaris
Hello;
I am moving a customer from Solaris 2.6 to Solaris 2.8. The customer has requested the following two requirements also be implemented:
1. Lock a user account out for X number of days after 3 unsuccessful login attempts.
2. No reuse of the last 5-10 passwords. Also referred to... (1 Reply)
Discussion started by: rambo15
1 Replies
2. UNIX for Advanced & Expert Users
for sco, hp, or AIX......
anyway, how can I secure the UNIX system.
I knew that CA has it's products for securing the UNIX server system.
Please tell me more about other vender, and their products
thxs! (0 Replies)
Discussion started by: brookwk
0 Replies
3. IP Networking
Are there any standard programs in linux/unix like tcpdump that store packets' headers in db (Berkeley DB is preffered, including secondary db's to index stored headers by IP addesses, TCP flows, etc.), provide search in db and convert found headers to tcpdump dumpfile format? (12 Replies)
Discussion started by: Hitori
12 Replies
4. Shell Programming and Scripting
Dear
I have a problem on which I turn araound since hours.
Hope you could help me.
I have a bash script, which activates with "nohup ./script2 params & " several subscripts.
In my main script, I have set lot's of variables, which I would pass into script 2.
My idea is now to create a... (3 Replies)
Discussion started by: pramach
3 Replies
5. UNIX for Dummies Questions & Answers
Hi. I guess this my dummy question is for super-gurus.
I'm on Red Hat' documentation regarding their RDMA capabilities over "convergent" Ethernet network. I read everything that I could find on inet, wikipedia etc. about the technology itself. I can't figure out, how can I determine if the... (0 Replies)
Discussion started by: newlinuxuser1
0 Replies
6. AIX
Hi All,
I am going to perform some activity in 2Node HA Server(Active/Passive).
For that i have to do some pre-requsite (ie., Resource Group VG's should be Enhanced-Concurrent)
In my setup, we have two volume groups in one RG. In that one VG is Normal and another is Enhance Concurrent.
... (2 Replies)
Discussion started by: Thala
2 Replies
7. What is on Your Mind?
Dear All,
Thank you for your support. As promised I have upgrade features for unix.com forum VIP members as follows:
Who's Online Permissions
Can View IP Addresses
Can View Detailed Location Info for Users
Can View Detailed Location Info of Users Who Visit Bad / No Permission... (0 Replies)
Discussion started by: Neo
0 Replies
LEARN ABOUT OSF1
convauth
convauth(8) System Manager's Manual convauth(8)
NAME
convauth - convert security authorization databases into database format
SYNOPSIS
/usr/tcb/bin/convauth [-O] [-d dblist] [-q] [-r] [-u uid] [-v] [-H]
FLAGS
-d dblist
Specifies which databases to convert. Choose one or more of the letters d, f, p, t, or v.
d - /etc/auth/system/default to /etc/auth/system/default.db
f - /etc/auth/system/files to /etc/auth/system/files.db
p - /tcb/files/auth/?/* to /tcb/files/auth.db and /var/tcb/files/auth.db
t - /etc/auth/system/ttys to /etc/auth/system/ttys.db
v - /etc/auth/system/devassign to /etc/auth/system/devassign.db
If no -d option is given, the default database list is as though -d pt were specified.
-q Suppresses non-error output.
-r Keeps all migrated user-profile entries in /tcb/files/auth.db rather than /var/tcb/files/auth.db.
-u uid Specifies the minimum general user UID. User-profile entries with uids lower than this value (default 100) are written to the
/tcb/files/auth.db file, and profile entries with UIDs greater than or equal to this value are written to the /var/tcb/files/auth.db
file.
-v Gives more verbose messages.
-O Reverts from *.db files to old-style databases. Not allowed for auth.db.
-H Prints a help messages and exits with no further processing.
DESCRIPTION
The convauth utility is used to convert existing ASCII system authorization database files to database format for faster access and
updates. In the case of the ttys and user-profile data, this greatly improves the performance of login when using enhanced security.
The convauth utility is executed by update installation scripts.
EXAMPLES
The default conversion done to convert the user profiles and terminals information:
# convauth
The same conversion explicitly showing the default databases and general user UID assumptions:
# convauth -d tp -u 100
Conversion of only the device assignment data:
# convauth -d v
RELATED INFORMATION
Commands: convuser(8), edauth(8), authck(8)
Files: authcap(4), prpasswd(4), ttys(4), default(4), devassign(4), files(4)
Security delim off
convauth(8)