forum.vmspython.org Forum Index forum.vmspython.org
Forum system
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Reading SYSUAF

 
Post new topic   Reply to topic    forum.vmspython.org Forum Index -> MySQL for OpenVMS
View previous topic :: View next topic  
Author Message
razor12



Joined: 30 Jan 2014
Posts: 4

PostPosted: Thu Jan 30, 2014 12:17 pm    Post subject: Reading SYSUAF Reply with quote

Hi Guys

I am new to this stuff and I am required to read the contents of a Sysuaf.dat for auditing purposes.

Is there any way to convert the file to a readable format?

Thanks.
Back to top
View user's profile Send private message
neilrieck



Joined: 21 Jan 2014
Posts: 5
Location: Waterloo, Ontario, Canada.

PostPosted: Thu Jan 30, 2014 2:39 pm    Post subject: Re: Reading SYSUAF Reply with quote

razor12 wrote:
Hi Guys

I am new to this stuff and I am required to read the contents of a Sysuaf.dat for auditing purposes.

Is there any way to convert the file to a readable format?

Thanks.


SYSUAF is a 4-key ISAM file created and manipulated via RMS. So if you wanted to use COBOL or BASIC to open it directly (provided you have the privs) then you should start by creating an FDL

$set def sys$system
$ana/rms/fdl SYSUAF.DAT
$typ SYSUAF.FDL

Use the contents of SYSUAF.FDL to write your program.

Make sure you open/read SYSUAF.DAT without file/record locking for obvious reasons.

###

A poor-man approach would be to run authorize then do a list/full to a text file. You would need to write a program to parse this generated test file.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
jescab



Joined: 28 Jan 2008
Posts: 252

PostPosted: Thu Jan 30, 2014 10:33 pm    Post subject: Reply with quote

Also note that (since we are *here* after all) the Python kit for OpenVMS has an interface to the UAF built-in.
See as an example: http://www.vmspython.org/LastAccountLoginExample

Regards, Jan-Erik.
Back to top
View user's profile Send private message
razor12



Joined: 30 Jan 2014
Posts: 4

PostPosted: Fri Jan 31, 2014 2:42 pm    Post subject: Reply with quote

ok I have managed to obtain the sysuaf.lis which is in a much more readable format.

However, it is difficult to manage, as you have to search for everything. With 1700 users that takes some time.

I would like to find some sort of program that would extract all that data and put it into an excel format so that I can pivot etc.

I am not a programmer and have no idea where to start. I have tried to pull in the sysuaf.lis into Access and manually write queries to extract the data, but for certain things like: "Authorized Privileges" etc it is difficult to link it to a specific user....

I am not sure if this is possible, but i am talking about receiving the Sysuaf.lis file and manipulating it outside of VMS.
Back to top
View user's profile Send private message
razor12



Joined: 30 Jan 2014
Posts: 4

PostPosted: Fri Jan 31, 2014 2:44 pm    Post subject: Re: Reading SYSUAF Reply with quote

neilrieck wrote:
razor12 wrote:
Hi Guys

I am new to this stuff and I am required to read the contents of a Sysuaf.dat for auditing purposes.

Is there any way to convert the file to a readable format?

Thanks.


SYSUAF is a 4-key ISAM file created and manipulated via RMS. So if you wanted to use COBOL or BASIC to open it directly (provided you have the privs) then you should start by creating an FDL

$set def sys$system
$ana/rms/fdl SYSUAF.DAT
$typ SYSUAF.FDL

Use the contents of SYSUAF.FDL to write your program.

Make sure you open/read SYSUAF.DAT without file/record locking for obvious reasons.

###

A poor-man approach would be to run authorize then do a list/full to a text file. You would need to write a program to parse this generated test file.


This is what I need, i am a poor man
Back to top
View user's profile Send private message
neilrieck



Joined: 21 Jan 2014
Posts: 5
Location: Waterloo, Ontario, Canada.

PostPosted: Fri Jan 31, 2014 4:00 pm    Post subject: Reply with quote

jescab wrote:
Also note that (since we are *here* after all) the Python kit for OpenVMS has an interface to the UAF built-in.
See as an example: http://www.vmspython.org/LastAccountLoginExample

Regards, Jan-Erik.

Thanks for this example. Pulling information out of SYSUAF.DAT this way seems less error prone than doing it directly with a 3G language. It is also seems like a lot less work than scraping through a plain-text dump.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
jescab



Joined: 28 Jan 2008
Posts: 252

PostPosted: Sat Feb 01, 2014 1:10 am    Post subject: Reply with quote

Well, *someone else* has figured out the internal format of the file for you.
That alone is worth a lot... Smile

> I would like to find some sort of program that would extract all that data and put it into an excel format so that I can pivot etc.

A Python script could scan through the UAF file and write out any file format you like.
Such as CSV that can easily be load it into Excel.
Or simply filter the data in Python directly and print the result.
Back to top
View user's profile Send private message
razor12



Joined: 30 Jan 2014
Posts: 4

PostPosted: Wed Feb 05, 2014 11:20 am    Post subject: Reply with quote

ok excellent.

I have managed to export the information to access, however, I am struggling with SQL code to extract the information and given that my coding knowledge is very limited, hopefully you guys might be able to help with some python coding.

Here is an extract of the file: >>>

Quote:
Username: ALANCPS Owner: PENSIONS
Account: PENSION UIC: [300,0] ([PENSIONS])
CLI: DCL Tables: DCLTABLES
Default: CPS_DEVICE:[CPS]
LGICMD: LOGIN
Flags: DisUser
Primary days: Mon Tue Wed Thu Fri
Secondary days: Sat Sun
No access restrictions
Expiration: (none) Pwdminimum: 8 Login Fails: 0
Pwdlifetime: 30 00:00 Pwdchange: (pre-expired)
Last Login: (none) (interactive), (none) (non-interactive)
Maxjobs: 0 Fillm: 1024 Bytlm: 130000
Maxacctjobs: 0 Shrfillm: 0 Pbytlm: 0
Maxdetach: 0 BIOlm: 4096 JTquota: 8192
Prclm: 10 DIOlm: 4096 WSdef: 100000
Prio: 4 ASTlm: 250 WSquo: 200000
Queprio: 0 TQElm: 20 WSextent: 210000
CPU: (none) Enqlm: 2000 Pgflquo: 4000000
Authorized Privileges:
ACNT ALLSPOOL ALTPRI AUDIT BUGCHK BYPASS
CMEXEC CMKRNL DIAGNOSE DOWNGRADE EXQUOTA GROUP
GRPNAM GRPPRV IMPERSONATE IMPORT LOG_IO MOUNT
NETMBX OPER PFNMAP PHY_IO PRMCEB PRMGBL
PRMMBX PSWAPM READALL SECURITY SETPRV SHARE
SHMEM SYSGBL SYSLCK SYSNAM SYSPRV TMPMBX
UPGRADE VOLPRO WORLD
Default Privileges:
ACNT ALLSPOOL ALTPRI AUDIT BUGCHK BYPASS
CMEXEC CMKRNL DIAGNOSE DOWNGRADE EXQUOTA GROUP
GRPNAM GRPPRV IMPERSONATE IMPORT LOG_IO MOUNT
NETMBX OPER PFNMAP PHY_IO PRMCEB PRMGBL
PRMMBX PSWAPM READALL SECURITY SETPRV SHARE
SHMEM SYSGBL SYSLCK SYSNAM SYSPRV TMPMBX
UPGRADE VOLPRO WORLD


AND

Quote:
Username: AFFLNETC07 Owner: PENSIONS
Account: PENSION UIC: [300,0] ([PENSIONS])
CLI: DCL Tables: DCLTABLES
Default: CPS_DEVICE:[CPS]
LGICMD: LOGIN
Flags: DisCtlY Restricted DisUser
Primary days: Mon Tue Wed Thu Fri
Secondary days: Sat Sun
Primary 000000000011111111112222 Secondary 000000000011111111112222
Day Hours 012345678901234567890123 Day Hours 012345678901234567890123
Network: ----- No access ------ ----- No access ------
Batch: ##### Full access ###### ##### Full access ######
Local: ##### Full access ###### ##### Full access ######
Dialup: ----- No access ------ ----- No access ------
Remote: ##### Full access ###### ##### Full access ######
Expiration: (none) Pwdminimum: 8 Login Fails: 0
Pwdlifetime: 30 00:00 Pwdchange: (pre-expired)
Last Login: (none) (interactive), (none) (non-interactive)
Maxjobs: 0 Fillm: 1024 Bytlm: 64000
Maxacctjobs: 0 Shrfillm: 0 Pbytlm: 0
Maxdetach: 0 BIOlm: 150 JTquota: 4096
Prclm: 2 DIOlm: 150 WSdef: 2000
Prio: 4 ASTlm: 250 WSquo: 2048
Queprio: 0 TQElm: 20 WSextent: 16384
CPU: (none) Enqlm: 2000 Pgflquo: 900000
Authorized Privileges:
NETMBX TMPMBX
Default Privileges:
NETMBX TMPMBX


As you can see not all users have the same number of privileges.

So basically this is my thought process: >>>

There are 1780 users in the text file.

For Authorised Privileges:
-> Read every line until textline = "Authorised Privileges"
-> Write every line after this to a single string file with a "," delimiter
-> Stop writing until textline = "Default Privileges"

Now my expected output would be:

String 1: ACNT,ALLSPOOL,ALTPRI,AUDIT,BUGCHK,BYPASS,CMEXEC,CMKRNL,DIAGNOSE,DOWNGRADE,EXQUOTA,GROUP,GRPNAM,GRPPRV,IMPERSONATE,IMPORT,LOG_IO,MOUNT,NETMBX,OPER,PFNMAP...etc...,WORLD

String 2:
NETMBX,TMPMBX
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    forum.vmspython.org Forum Index -> MySQL for OpenVMS All times are GMT + 2 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group