HP OpenVMS Systems

ask the wizard
Content starts here

Aging of last username login into OpenVMS?

» close window

The Question is:

Is there any way we can obtain a list of users who have not logged onto VMS for
 the past 90 days?

The Answer is :

  There are various freeware and commercial tools that are available to
  assist you in managing your SYSUAF authorization database.
  If you wish to create your own tool, you will want to use sys$getuai.
  Unfortunately, there is no DCL lexical F$GETUAI, and there is no DCL
  nor system service routine that permits you to wildcard through the
  usernames available in the SYSUAF authorization database.
  The attached DCL will permit you to access SYSUAF directly, using
  the authorization format extraced from $UAFDEF in the system library
  LIB.MLB or UAFDEF in the C system library sys$library:sys$lib_c.tlb.
  This DCL makes undocumented and direct access to SYSUAF, and accordingly
  this DCL may (will?) have to be changed if the format of records within
  SYSUAF should change at any time in the future.  This attached DCL code
  also only looks at the locally-maintained settings in SYSUAF, and does
  not particularly concern itself with remote (distributed) authentication.
  You can also use the password expiration mechanism to automatically
  disable users that have not logged in within your specified window.
  (This is obviously not a direct solution, but it may suffice for your
  local needs.)
  The following DCL permits you to convert the binary date found in the
  record into a DCL-friendly text format:
    $binary_date = F$EXTRACT(date_offset,8,your_record)
    $ascii_date  = F$FAO("!%D",f$cvui(32,32,f$fao("!AD",8,binary_date)))
  A sample DCL solution follows:
$ if p1.eqs.""
$ then
$   write sys$output "Please provide last-login (interactive) cutoff date"
$   exit
$ else
$   cut_date = f$cvtime(p1)   !Convert to (default) comparision format
$ endif
$ close/nolog uaf
$ open /read /share uaf 'f$parse("SYSUAF","SYS$SYSTEM:.DAT",,,"SYNTAX_ONLY")
$ read/end=done uaf rec
$ username=f$extr(4,12,rec)             ! UAF$T_USERNAME,    UAF$S_USERNAME
$ bin_date=f$extr(396,8,rec)  		! UAF$Q_LASTLOGIN_I, UAF$S_LASTLOGIN_I
$ if f$cvsi(0,32,bin_date) .eq. 0 then goto loop
$ asc_date=f$fao("!%D",f$cvui(32,32,f$fao("!AD",8,bin_date)))
$ cmp_date=f$cvtime(asc_date)
$ if cmp_date .les. cut_date then write sys$output username, " ", asc_date
$goto loop
$ close/nolog uaf

answer written or last revised on ( 15-OCT-2001 )

» close window