find inactive accounts
Steve Glasser
sgla9347 at gmail.com
Wed Jan 20 00:41:21 EST 2010
Hi list,
For PCI reasons I have to report all accounts which have been inactive
(i.e. no logins) for three months. The goal here is to automate the
process...
I know I can get users and login dates from krb5kdc.log, and I can
find the last login date. However Kerberos logs dates as "month day",
so to do date math for dates going back into last year is awkward at
best. So...
a) can I configure Kerberos to log "month day year"?
b) is there a better way to do this audit?
Thanks,
--
Steve Glasser
sgla9347 at gmail.com
More information about the Kerberos
mailing list