Video Screencast Help

Control Compliance Suite for Unix 8.60

Created: 12 Mar 2012 | 2 comments

Not sure if I classify this as a solution or it could be information for some. Is there anyone on the forum still using BindView for Unix 8.60. We are still using the verson due to issues that are beyond me but however, I have to continue running the product until a decision is made. This could be due to the old vesion but just curious if anyone else is experiencing it. See the email below and I wonder if anyone else running 8.60 have seen this on any of their reports.

Issue:

I have a query created for checking inactive accounts and a query to look for the last password change date on users accounts. The same users that are on the last password change date report are on the inactive account report but with one difference. The last password report list the user with a last date for changing the password but for that same user Id on the inactive account report, it say the user has never logged in. Not sure if this has something to do with the query not using updated stuff or what. Basically, I am seeing a lot false positives. If there have been no updated to the last login piece of the query, should it still work for the old version?

 

Thank you.

Comments 2 CommentsJump to latest comment

Syed Hussain -Compliance Devil's picture

Hi,

To troubleshoot

1) Confirm by running a query for last logon information about this user.

2) Check if the user is disable, if it is that's the reason why it is showing in your inactive account report.

Note:  Even though the password is changed and if the user is disabled.  The user id will appear in both the reports.  Hope this answers your question.

Thanks,

-Syed Hussain

 

If a post solves your problem, please flag it as solved. If you like an item, please give it a thumbs up vote.
cmccoy2's picture

for version 8.6 we used the last logon from the /var/adm/wtmp for AIX and some other flavors (probably Linux and Solaris)   This file can have limits on it and potentially the last logon values may not be accurate if the file has been reset for some reason.   I think there were some options post version 8.6 that allowed the calculation of last logon date for user accounts was able to look at the lsuser data in AIX instead of the /var/adm/wtmp file.  

Hope that helps.