SU logging - enforced NIS

[AnotherAlan]

Morning all,
Just a request for info really.
We would like to enforce NIS in our Solaris environment. Now although this can be done through nsswitch we have a number of local application accounts that some users always use and which we cannot disable.
I am toying with the idea of writing a script to report back on any 'illegal' login activity, however, I wondered if there was already a utility to do this as I do not want to reinvent the wheel.
In essence, a non-NIS logon would be picked up and sent to a file / web page and the pesky user either made to get the teas in or forced to stand on their head for ten minutes.

Does anyone know of anything similar in function.
Thanks
Alan

 

[dennislv]

There are numerous log files that report failed and successful login attempts. I'm not sure were to find them on Solaris, but I'd try /var/log or somewhere around there. More than likely it will be off the /var directory.

 

[AnotherAlan]

Hi Dennislv,

Thanks for the reply. I guess what I was looking for was an exisiting utility, something like the audit and security functions of Solaris. Or if anyone knew of any freeware that fits the bill.
I can examine the /var/adm/sulog and wtmp to gather the info as you suggest.
Thanks again.
Alan