Changed accounts (UNIX)

Module: Account Integrity

This check reports user accounts that were changed after the last user snapshot update. Reported changes include user id, group id, home directory, login shell, and GECOS field.

The following table lists the error message for the check.

Table: Error message for Changed accounts

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_CHGUSER Category: ESM Administrative Information	UNIX (5161)	Title: Changed user account Description:The listed accounts have changed on your system since the last time the Symantec ESM user snapshot was updated. If these accounts were not changed by the system administrator, they could represent a security breach. Check all account changes to be sure they are authorized. Then update your snapshot to include all authorized changes.	Severity: yellow-1 Correctable: false Snapshot Updatable: true Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_CHGUSER

Category: ESM Administrative Information

UNIX (5161)

Title: Changed user account

Description:The listed accounts have changed on your system since the last time the Symantec ESM user snapshot was updated. If these accounts were not changed by the system administrator, they could represent a security breach. Check all account changes to be sure they are authorized. Then update your snapshot to include all authorized changes.

Severity: yellow-1

Correctable: false

Snapshot Updatable: true

Template Updatable: false

Information Field Format: [%s]