Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Wanet Telecoms Ltd on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Lastlogin Report AIX
- Thread starter june54
- Start date
Hi there,
there's supposed to be an AIX command "lsuser" that might be of use. But I've never tried it.
there's also something I found at
maybe it will help you ...:
lastlog File Format
Purpose
Defines the last login attributes for users.
Description
The /etc/security/lastlog file is an ASCII file that contains stanzas with the last login attributes for users. Each stanza is identified by a user name and contains attributes in the Attribute=Value form. Each attribute is ended by a new-line character, and each stanza is ended by an additional new-line character.
Each stanza can have the following attributes:
time_last_login Specifies the number of seconds since the epoch (00:00:00 GMT, January 1, 1970) since the last successful login. The value is a decimal integer.
tty_last_login Specifies the terminal on which the user last logged in. The value is a character string.
host_last_login Specifies the host from which the user last logged in. The value is a character string.
unsuccessful_login_count Specifies the number of unsuccessful login attempts since the last successful login. The value is a decimal integer. This attribute works in conjunction with the user's loginretries attribute, specified in the /etc/security/user file, to lock the user's account after a specified number of consecutive unsuccessful login attempts. Once the user's account is locked, the user will not be able to log in until the system administrator resets the user's unsuccessful_login_count attribute to be less than the value of loginretries. To do this, enter the following:
chsec -f /etc/security/lastlog -s username -a \ unsuccessful_login_count=0
time_last_unsuccessful_login Specifies the number of seconds since the epoch (00:00:00 GMT, January 1, 1970) since the last unsuccessful login. The value is a decimal integer.
tty_last_unsuccessful_login Specifies the terminal on which the last unsuccessful login attempt occurred. The value is a character string.
host_last_unsuccessful_login Specifies the host from which the last unsuccessful login attempt occurred. The value is a character string.
All user database files should be accessed through the system commands and subroutines defined for this purpose. Access through other commands or subroutines may not be supported in future releases.
The mkuser command creates a user stanza in the lastlog file. The attributes of this user stanza are initially empty. The field values are set by the login command as a result of logging in to the system. The lsuser command displays the values of these attributes; the rmuser command removes the user stanza from this file, along with the user account.
Security
Access Control: This command should grant read (r) access to the root user, members of the security group, and others consistent with the security policy for the system. Only the root user should have write (w) access.
Examples
A typical stanza is similar to the following example for user bck:
bck:
time_last_unsuccessful_login = 732475345
tty_last_unsuccessful_login = tty0
host_last_unsuccessful_login = waterski
unsuccessful_login_count = 0
time_last_login = 734718467
tty_last_login = lft/0
host_last_login = waterskiFiles
/etc/security/lastlog Specifies the path to the lastlog file.
/etc/group Contains the basic attributes of groups.
/etc/security/group Contains the extended attributes of groups.
/etc/passwd Contains the basic attributes of users.
/etc/security/passwd Contains password information.
/etc/security/environ Contains the environment attributes of users.
/etc/security/user Contains the extended attributes of users.
/etc/security/limits Contains the process resource limits of users.
Regards
Thomas
there's supposed to be an AIX command "lsuser" that might be of use. But I've never tried it.
there's also something I found at
maybe it will help you ...:
lastlog File Format
Purpose
Defines the last login attributes for users.
Description
The /etc/security/lastlog file is an ASCII file that contains stanzas with the last login attributes for users. Each stanza is identified by a user name and contains attributes in the Attribute=Value form. Each attribute is ended by a new-line character, and each stanza is ended by an additional new-line character.
Each stanza can have the following attributes:
time_last_login Specifies the number of seconds since the epoch (00:00:00 GMT, January 1, 1970) since the last successful login. The value is a decimal integer.
tty_last_login Specifies the terminal on which the user last logged in. The value is a character string.
host_last_login Specifies the host from which the user last logged in. The value is a character string.
unsuccessful_login_count Specifies the number of unsuccessful login attempts since the last successful login. The value is a decimal integer. This attribute works in conjunction with the user's loginretries attribute, specified in the /etc/security/user file, to lock the user's account after a specified number of consecutive unsuccessful login attempts. Once the user's account is locked, the user will not be able to log in until the system administrator resets the user's unsuccessful_login_count attribute to be less than the value of loginretries. To do this, enter the following:
chsec -f /etc/security/lastlog -s username -a \ unsuccessful_login_count=0
time_last_unsuccessful_login Specifies the number of seconds since the epoch (00:00:00 GMT, January 1, 1970) since the last unsuccessful login. The value is a decimal integer.
tty_last_unsuccessful_login Specifies the terminal on which the last unsuccessful login attempt occurred. The value is a character string.
host_last_unsuccessful_login Specifies the host from which the last unsuccessful login attempt occurred. The value is a character string.
All user database files should be accessed through the system commands and subroutines defined for this purpose. Access through other commands or subroutines may not be supported in future releases.
The mkuser command creates a user stanza in the lastlog file. The attributes of this user stanza are initially empty. The field values are set by the login command as a result of logging in to the system. The lsuser command displays the values of these attributes; the rmuser command removes the user stanza from this file, along with the user account.
Security
Access Control: This command should grant read (r) access to the root user, members of the security group, and others consistent with the security policy for the system. Only the root user should have write (w) access.
Examples
A typical stanza is similar to the following example for user bck:
bck:
time_last_unsuccessful_login = 732475345
tty_last_unsuccessful_login = tty0
host_last_unsuccessful_login = waterski
unsuccessful_login_count = 0
time_last_login = 734718467
tty_last_login = lft/0
host_last_login = waterskiFiles
/etc/security/lastlog Specifies the path to the lastlog file.
/etc/group Contains the basic attributes of groups.
/etc/security/group Contains the extended attributes of groups.
/etc/passwd Contains the basic attributes of users.
/etc/security/passwd Contains password information.
/etc/security/environ Contains the environment attributes of users.
/etc/security/user Contains the extended attributes of users.
/etc/security/limits Contains the process resource limits of users.
Regards
Thomas
june54,
Why don't you try "last" command to see the list. And you can simpy redirect that in a text file. Like
# last > lastlog.txt
If you have a printer attached with the machine, you may do print of lastlog.txt file.
This also can be viewed by
# who /var/adm/wtmp
Regards,
-Sam
Why don't you try "last" command to see the list. And you can simpy redirect that in a text file. Like
# last > lastlog.txt
If you have a printer attached with the machine, you may do print of lastlog.txt file.
This also can be viewed by
# who /var/adm/wtmp
Regards,
-Sam
- Status
Similar threads
- Locked
- Question