HP OpenVMS Systemsask the wizard |
The Question is: Is there any way we can obtain a list of users who have not logged onto VMS for the past 90 days? The Answer is : There are various freeware and commercial tools that are available to assist you in managing your SYSUAF authorization database. If you wish to create your own tool, you will want to use sys$getuai. Unfortunately, there is no DCL lexical F$GETUAI, and there is no DCL nor system service routine that permits you to wildcard through the usernames available in the SYSUAF authorization database. The attached DCL will permit you to access SYSUAF directly, using the authorization format extraced from $UAFDEF in the system library LIB.MLB or UAFDEF in the C system library sys$library:sys$lib_c.tlb. This DCL makes undocumented and direct access to SYSUAF, and accordingly this DCL may (will?) have to be changed if the format of records within SYSUAF should change at any time in the future. This attached DCL code also only looks at the locally-maintained settings in SYSUAF, and does not particularly concern itself with remote (distributed) authentication. You can also use the password expiration mechanism to automatically disable users that have not logged in within your specified window. (This is obviously not a direct solution, but it may suffice for your local needs.) The following DCL permits you to convert the binary date found in the record into a DCL-friendly text format: $binary_date = F$EXTRACT(date_offset,8,your_record) $ascii_date = F$FAO("!%D",f$cvui(32,32,f$fao("!AD",8,binary_date))) A sample DCL solution follows: $ if p1.eqs."" $ then $ write sys$output "Please provide last-login (interactive) cutoff date" $ exit $ else $ cut_date = f$cvtime(p1) !Convert to (default) comparision format $ endif $ close/nolog uaf $ open /read /share uaf 'f$parse("SYSUAF","SYS$SYSTEM:.DAT",,,"SYNTAX_ONLY") $loop: $ read/end=done uaf rec $ username=f$extr(4,12,rec) ! UAF$T_USERNAME, UAF$S_USERNAME $ bin_date=f$extr(396,8,rec) ! UAF$Q_LASTLOGIN_I, UAF$S_LASTLOGIN_I $ if f$cvsi(0,32,bin_date) .eq. 0 then goto loop $ asc_date=f$fao("!%D",f$cvui(32,32,f$fao("!AD",8,bin_date))) $ cmp_date=f$cvtime(asc_date) $ if cmp_date .les. cut_date then write sys$output username, " ", asc_date $goto loop $done: $ close/nolog uaf
|