Login or Register to Ask a Question and Join Our Community


AIX

Auditing User administrator

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX Auditing User administrator
# 1  
Old 05-09-2005
Auditing User administrator
Background:
I a trying to audit user administration on a AIX box. I am trying to make sure that any changes made by the System administrator to the user accounts (Add users, changing their attributes or deleting users) are accompanied by authorization i.e. the system admin does not make any changes w/o a written authorization.

Problem:

I need to generate a log report that can capture all changes made to user accounts (Addition of users, chanegs or deletions) from the past couple of months so that I can select a sample from that report and ask him to provide me with authorizations. How do I generate such a log report.Also, Auditing might not have been turned on.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Create a shell script to gather user account information and displays the result to administrator

I want to create a shell script to gather user account information and displays the result to administrator. I have created a script but its showing all the information when i search for username like: amit@mx:~$ ./uinfo.sh amit Username : amit User Info ... (2 Replies)
Discussion started by: amit1986
2 Replies

2. UNIX for Beginners Questions & Answers

AIX Administrator - User Profile Management

Good afternoon all, Was un-sure on where to post this so I thought I would use this topic... I was wondering what best practice people use for the deletion of user profiles on AIX systems? At the moment, I currently don't delete any user profiles, they are just disabled as they... (1 Reply)
Discussion started by: SteveCPayne
1 Replies

3. AIX

User auditing from AIX server

I am trying to find out the information of my local desktop when i use putty to login to an AIX server. This is what I do: 1. login to my PC 2. take a putty session to an AIX server Can i get information of my local desktop from the AIX server ? Is there a command available ? Thanks (8 Replies)
Discussion started by: Nagesh_1985
8 Replies

4. Solaris

Solaris user auditing

Hello, I was wondering when Solaris auditing is enabled, If it is possible to keep track of users that are allowed to sudo to root. In other words, I would like to know which user did what on my Solaris box. (assumig that user can "sudo su -" ) Thanks. (2 Replies)
Discussion started by: niyazi
2 Replies

5. Shell Programming and Scripting

user auditing

Hello, is there some way to track what shell commands some user is executing ? Something like to have some log file where i could see what commands some user used, e.g. rm -r dirname , ls -l .... and so on ... I have 2.6.13-1.1526_FC4smp (9 Replies)
Discussion started by: tonijel
9 Replies

6. Shell Programming and Scripting

Script for Oracle user activity auditing

Hi All, I need to put in place a UNIX shell script that calls three sql scripts & reports to the DBAs. I already have the three sql scripts in place & they perform the following database auditing actions: 1. actions.sql This script queries the DBA_AUDIT _TRAIL table to look for database user... (2 Replies)
Discussion started by: divroro12
2 Replies

7. Solaris

add administrator user to system

Hello I have a new job and I need change the last user administrator, I dont know if is easier change some things about this user or add my user in the group with every permission, how can I do it. I dont know which is the group. I think is no only useradd en after modify /etc/passwd. Tank... (14 Replies)
Discussion started by: cata
14 Replies

8. HP-UX

Auditing User's actions

Hi all I hope to find what i'm looking for in this forum as said in the topic i want to track user's actions on the system. i mean also the action of moving or removing files. I have an HP 9000 with HP UX 11i. the users log on the HP from a terminal window under WIndows XP Thx (3 Replies)
Discussion started by: Timberland
3 Replies

9. AIX

User Auditing

i want to audit user commands .. keep track of what commands each user has been giving .. can this be done by writing a script in engraving it in .profile of the user. or is there any other way of doing this ... rgds raj (2 Replies)
Discussion started by: rajesh_149
2 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

audit

audit(1M)						  System Administration Commands						 audit(1M)

NAME

       audit - control the behavior of the audit daemon

SYNOPSIS

       audit -n | -s | -t | -v [path]

DESCRIPTION

       The audit command is the system administrator's interface to maintaining the audit trail. The audit daemon can be notified to read the con-
       tents of the audit_control(4) file and re-initialize the current audit directory to the first directory listed in the audit_control file or
       to  open  a  new  audit	file in the current audit directory specified in the audit_control file, as last read by the audit daemon. Reading
       audit_control also causes the minfree and plugin configuration lines to be re-read and reset within auditd. The audit daemon  can  also	be
       signaled to close the audit trail and disable auditing.

OPTIONS

       -n	  Notify the audit daemon to close the current audit file and open a new audit file in the current audit directory.

       -s	  Notify  the audit daemon to read the audit control file. The audit daemon stores the information internally. If the audit daemon
		  is not running but audit has been enabled by means of bsmconv(1M), the audit daemon is started.

       -t	  Direct the audit daemon to close the current audit trail file, disable auditing, and die. Use -s to restart auditing.

       -v path	  Verify the syntax for the audit control file stored in path. The audit command displays an approval message or outputs  specific
		  error messages for each error found.

DIAGNOSTICS

       The audit command will exit with 0 upon success and a positive integer upon failure.

FILES

	   o	  /etc/security/audit_user

	   o	  /etc/security/audit_control

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Stability		     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       bsmconv(1M), praudit(1M), audit(2), audit_control(4), audit_user(4), attributes(5)

       See the section on Solaris Auditing in System Administration Guide: Security Services.

NOTES

       The  functionality  described in this man page is available only if the Solaris Auditing feature has been enabled. See bsmconv(1M) for more
       information.

       The audit command does not modify a process's preselection mask. It functions are limited to the following:

	   o	  affects which audit directories are used for audit data storage;

	   o	  specifies the minimum free space setting;

	   o	  resets the parameters supplied by means of the plugin directive.

       For the -s option, audit validates the audit_control syntax and displays an error message if a syntax error is found.  If  a  syntax  error
       message	is  displayed,	the audit daemon does not re-read audit_control. Because audit_control is processed at boot time, the -v option is
       provided to allow syntax checking of an edited copy of audit_control. Using -v, audit exits with 0 if the syntax is correct; otherwise,	it
       returns a positive integer.

       The  -v	option	can be used in any zone, but the -t, -s, and -n options are valid only in local zones and, then, only if the perzone audit
       policy is set. See auditd(1M) and auditconfig(1M) for per-zone audit configuration.

SunOS 5.11							    16 Apr 2008 							 audit(1M)