Solved

Is there a way to findout when (date) was the login account locked?

Posted on 2004-08-15
4
261 Views
Last Modified: 2008-03-10
Greeting DB Expert.

I have came to a dead end looking for some answer or some idea.
Currently, I am working on a project to clean up locked login account in the sybase DB who was locked for more than a month.
However, the sp_displaylogin nor "system table" does not shows me the status of when (date) the account was locked or by who (if possible). It seems like that there is an audit function to log all the "sso" or "sa" role's command text but that will be too much of information in the audit log to go over just to look for the information when the lock event was performed.

Your feedback will be a greet help
Thank in forward
soy
0
Comment
Question by:soykawasaki
4 Comments
 
LVL 14

Expert Comment

by:Jan_Franek
ID: 11809568
AFAIK, this information is not stored. So, you can either try to dig it out of audit data, or modify sp_locklogin procedure to store additional info about locks/unlocks of logins (probably into some table). If you choose second way, remember to add your modification into this procedure after each application of EBF.
0
 
LVL 6

Expert Comment

by:ChrisKing
ID: 11810575
suggest you could try something like a daily BCP out of the syslogins table, and then diff the file with the previous file.

you could then just grep the diff files for the username.

its a bit clunky, but if you are used to unix, then you should find fast and simple to deal with
0
 

Author Comment

by:soykawasaki
ID: 11816536
Is there better way if the type of the role which is performing lock event is sso role only?
We got more than 100 sybase servers and planing for the best way to get this secuirty issue working.
Or the sybase just does not have that kind of secuirty feature?
0
 

Accepted Solution

by:
grantq earned 100 total points
ID: 11961049
ASE Audit is supporting, but this needs CPU and disk space, and depending on the extent of your auditing this can be expensive.
Versioning master..syslogins is not difficult with an add-on solution, but it requires rework whenever the table changes.
An adequate solution may be that when the account is to be locked, as sso, you would pre-change the password to an arbitrary value and that will update the pwdate in master..syslogins. You can then use this as your point of reference.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some code to ensure data integrity when using macros within Excel. Also included code that helps secure your data within an Excel workbook.
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now