View previous topic :: View next topic |
Author |
Message |
razor12
Joined: 30 Jan 2014 Posts: 4
|
Posted: Thu Jan 30, 2014 12:17 pm Post subject: Reading SYSUAF |
|
|
Hi Guys
I am new to this stuff and I am required to read the contents of a Sysuaf.dat for auditing purposes.
Is there any way to convert the file to a readable format?
Thanks. |
|
Back to top |
|
 |
neilrieck
Joined: 21 Jan 2014 Posts: 5 Location: Waterloo, Ontario, Canada.
|
Posted: Thu Jan 30, 2014 2:39 pm Post subject: Re: Reading SYSUAF |
|
|
razor12 wrote: | Hi Guys
I am new to this stuff and I am required to read the contents of a Sysuaf.dat for auditing purposes.
Is there any way to convert the file to a readable format?
Thanks. |
SYSUAF is a 4-key ISAM file created and manipulated via RMS. So if you wanted to use COBOL or BASIC to open it directly (provided you have the privs) then you should start by creating an FDL
$set def sys$system
$ana/rms/fdl SYSUAF.DAT
$typ SYSUAF.FDL
Use the contents of SYSUAF.FDL to write your program.
Make sure you open/read SYSUAF.DAT without file/record locking for obvious reasons.
###
A poor-man approach would be to run authorize then do a list/full to a text file. You would need to write a program to parse this generated test file. |
|
Back to top |
|
 |
jescab
Joined: 28 Jan 2008 Posts: 254
|
Posted: Thu Jan 30, 2014 10:33 pm Post subject: |
|
|
Also note that (since we are *here* after all) the Python kit for OpenVMS has an interface to the UAF built-in.
See as an example: http://www.vmspython.org/LastAccountLoginExample
Regards, Jan-Erik. |
|
Back to top |
|
 |
razor12
Joined: 30 Jan 2014 Posts: 4
|
Posted: Fri Jan 31, 2014 2:42 pm Post subject: |
|
|
ok I have managed to obtain the sysuaf.lis which is in a much more readable format.
However, it is difficult to manage, as you have to search for everything. With 1700 users that takes some time.
I would like to find some sort of program that would extract all that data and put it into an excel format so that I can pivot etc.
I am not a programmer and have no idea where to start. I have tried to pull in the sysuaf.lis into Access and manually write queries to extract the data, but for certain things like: "Authorized Privileges" etc it is difficult to link it to a specific user....
I am not sure if this is possible, but i am talking about receiving the Sysuaf.lis file and manipulating it outside of VMS. |
|
Back to top |
|
 |
razor12
Joined: 30 Jan 2014 Posts: 4
|
Posted: Fri Jan 31, 2014 2:44 pm Post subject: Re: Reading SYSUAF |
|
|
neilrieck wrote: | razor12 wrote: | Hi Guys
I am new to this stuff and I am required to read the contents of a Sysuaf.dat for auditing purposes.
Is there any way to convert the file to a readable format?
Thanks. |
SYSUAF is a 4-key ISAM file created and manipulated via RMS. So if you wanted to use COBOL or BASIC to open it directly (provided you have the privs) then you should start by creating an FDL
$set def sys$system
$ana/rms/fdl SYSUAF.DAT
$typ SYSUAF.FDL
Use the contents of SYSUAF.FDL to write your program.
Make sure you open/read SYSUAF.DAT without file/record locking for obvious reasons.
###
A poor-man approach would be to run authorize then do a list/full to a text file. You would need to write a program to parse this generated test file. |
This is what I need, i am a poor man |
|
Back to top |
|
 |
neilrieck
Joined: 21 Jan 2014 Posts: 5 Location: Waterloo, Ontario, Canada.
|
Posted: Fri Jan 31, 2014 4:00 pm Post subject: |
|
|
Thanks for this example. Pulling information out of SYSUAF.DAT this way seems less error prone than doing it directly with a 3G language. It is also seems like a lot less work than scraping through a plain-text dump. |
|
Back to top |
|
 |
jescab
Joined: 28 Jan 2008 Posts: 254
|
Posted: Sat Feb 01, 2014 1:10 am Post subject: |
|
|
Well, *someone else* has figured out the internal format of the file for you.
That alone is worth a lot...
> I would like to find some sort of program that would extract all that data and put it into an excel format so that I can pivot etc.
A Python script could scan through the UAF file and write out any file format you like.
Such as CSV that can easily be load it into Excel.
Or simply filter the data in Python directly and print the result. |
|
Back to top |
|
 |
razor12
Joined: 30 Jan 2014 Posts: 4
|
Posted: Wed Feb 05, 2014 11:20 am Post subject: |
|
|
ok excellent.
I have managed to export the information to access, however, I am struggling with SQL code to extract the information and given that my coding knowledge is very limited, hopefully you guys might be able to help with some python coding.
Here is an extract of the file: >>>
Quote: | Username: ALANCPS Owner: PENSIONS
Account: PENSION UIC: [300,0] ([PENSIONS])
CLI: DCL Tables: DCLTABLES
Default: CPS_DEVICE:[CPS]
LGICMD: LOGIN
Flags: DisUser
Primary days: Mon Tue Wed Thu Fri
Secondary days: Sat Sun
No access restrictions
Expiration: (none) Pwdminimum: 8 Login Fails: 0
Pwdlifetime: 30 00:00 Pwdchange: (pre-expired)
Last Login: (none) (interactive), (none) (non-interactive)
Maxjobs: 0 Fillm: 1024 Bytlm: 130000
Maxacctjobs: 0 Shrfillm: 0 Pbytlm: 0
Maxdetach: 0 BIOlm: 4096 JTquota: 8192
Prclm: 10 DIOlm: 4096 WSdef: 100000
Prio: 4 ASTlm: 250 WSquo: 200000
Queprio: 0 TQElm: 20 WSextent: 210000
CPU: (none) Enqlm: 2000 Pgflquo: 4000000
Authorized Privileges:
ACNT ALLSPOOL ALTPRI AUDIT BUGCHK BYPASS
CMEXEC CMKRNL DIAGNOSE DOWNGRADE EXQUOTA GROUP
GRPNAM GRPPRV IMPERSONATE IMPORT LOG_IO MOUNT
NETMBX OPER PFNMAP PHY_IO PRMCEB PRMGBL
PRMMBX PSWAPM READALL SECURITY SETPRV SHARE
SHMEM SYSGBL SYSLCK SYSNAM SYSPRV TMPMBX
UPGRADE VOLPRO WORLD
Default Privileges:
ACNT ALLSPOOL ALTPRI AUDIT BUGCHK BYPASS
CMEXEC CMKRNL DIAGNOSE DOWNGRADE EXQUOTA GROUP
GRPNAM GRPPRV IMPERSONATE IMPORT LOG_IO MOUNT
NETMBX OPER PFNMAP PHY_IO PRMCEB PRMGBL
PRMMBX PSWAPM READALL SECURITY SETPRV SHARE
SHMEM SYSGBL SYSLCK SYSNAM SYSPRV TMPMBX
UPGRADE VOLPRO WORLD
|
AND
Quote: | Username: AFFLNETC07 Owner: PENSIONS
Account: PENSION UIC: [300,0] ([PENSIONS])
CLI: DCL Tables: DCLTABLES
Default: CPS_DEVICE:[CPS]
LGICMD: LOGIN
Flags: DisCtlY Restricted DisUser
Primary days: Mon Tue Wed Thu Fri
Secondary days: Sat Sun
Primary 000000000011111111112222 Secondary 000000000011111111112222
Day Hours 012345678901234567890123 Day Hours 012345678901234567890123
Network: ----- No access ------ ----- No access ------
Batch: ##### Full access ###### ##### Full access ######
Local: ##### Full access ###### ##### Full access ######
Dialup: ----- No access ------ ----- No access ------
Remote: ##### Full access ###### ##### Full access ######
Expiration: (none) Pwdminimum: 8 Login Fails: 0
Pwdlifetime: 30 00:00 Pwdchange: (pre-expired)
Last Login: (none) (interactive), (none) (non-interactive)
Maxjobs: 0 Fillm: 1024 Bytlm: 64000
Maxacctjobs: 0 Shrfillm: 0 Pbytlm: 0
Maxdetach: 0 BIOlm: 150 JTquota: 4096
Prclm: 2 DIOlm: 150 WSdef: 2000
Prio: 4 ASTlm: 250 WSquo: 2048
Queprio: 0 TQElm: 20 WSextent: 16384
CPU: (none) Enqlm: 2000 Pgflquo: 900000
Authorized Privileges:
NETMBX TMPMBX
Default Privileges:
NETMBX TMPMBX |
As you can see not all users have the same number of privileges.
So basically this is my thought process: >>>
There are 1780 users in the text file.
For Authorised Privileges:
-> Read every line until textline = "Authorised Privileges"
-> Write every line after this to a single string file with a "," delimiter
-> Stop writing until textline = "Default Privileges"
Now my expected output would be:
String 1: ACNT,ALLSPOOL,ALTPRI,AUDIT,BUGCHK,BYPASS,CMEXEC,CMKRNL,DIAGNOSE,DOWNGRADE,EXQUOTA,GROUP,GRPNAM,GRPPRV,IMPERSONATE,IMPORT,LOG_IO,MOUNT,NETMBX,OPER,PFNMAP...etc...,WORLD
String 2:
NETMBX,TMPMBX |
|
Back to top |
|
 |
|