Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

help with finding inactive accounts on my linux box

223 views
Skip to first unread message

vizzan

unread,
Mar 1, 2005, 1:37:20 PM3/1/05
to
I have a linux box with about 300 accounts on it and need a way to see
which accounts have been inactive for a specfic amount of time so I can
remove them. Any help would be appreciated.

Lew Pitcher

unread,
Mar 1, 2005, 1:58:10 PM3/1/05
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Define 'inactive'.

If you mean, "haven't had a login for xx days", then you can use the
lastlog utility to find out the last login date for all your accounts.
- From there, you can filter out the ones with current logins, and the
rest (excluding system accounts) will be your inactive accounts.

How do you exclude system accounts? Typically, there is an account
number that is defined as the cutoff account; accounts with numbers
below this value are system accounts, and the rest are user accounts.
You can double-check the list by checking the home group for each
account; typical user accounts have a common "user" account group.


- --

Lew Pitcher, IT Specialist, Enterprise Data Systems
Enterprise Technology Solutions, TD Bank Financial Group

(Opinions expressed here are my own, not my employer's)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFCJLtBagVFX4UWr64RAld/AKC5zL8j59Yxz9mz1HUbakAxTvR7kQCeMccm
1mxyIdlpievjryIcXhhBVSo=
=Njz9
-----END PGP SIGNATURE-----

vizzan

unread,
Mar 1, 2005, 2:21:59 PM3/1/05
to
"inactive" meaning having logged in via ftp etc.

Bit Twister

unread,
Mar 1, 2005, 2:28:32 PM3/1/05
to
On Tue, 01 Mar 2005 13:58:10 -0500, Lew Pitcher wrote:
>
> If you mean, "haven't had a login for xx days", then you can use the
> lastlog utility to find out the last login date for all your accounts.

Only back to the last log rotate which usually happens on Sunday oh
dark thirty if your box is on or anaconda is running.
Do not know if rotated weekly or monthly.

Wiseguy

unread,
Mar 1, 2005, 2:33:26 PM3/1/05
to
"vizzan" <djo...@gmail.com> scribbled on the stall wall:

> I have a linux box with about 300 accounts on it and need a way to see
> which accounts have been inactive for a specfic amount of time so I can
> remove them. Any help would be appreciated.

I know what I'd do. Send an email to all users telling them that they MUST
respond within one week or their account will be deactivated. Then I'd
deactivte the accounts of those who didn't respond, and after about a month I'd
completely remove the unused accounts...making sure there are archival
backups of the system first.

You can also check for (last access) date on the home directories themselves.
It's not foolproof but it does help get an idea of who has been using the
system. But make sure you're only using a backup program that doesn't hork
with file access dates during the backup procedure.

It is easier to gain forgiveness than it is to get permission...


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

0 new messages