Disabled accounts (UNIX)

Module: Account Integrity

This check examines login shells, passwords, and the .rhosts file to identify and report user accounts that are disabled. An account may be accessed remotely via rlogin, even when the account's password hash is invalid. To prevent this, the account must not have a .rhosts file, or it must be empty. Use the check's name lists to exclude or include accounts for the check. If you also enable the Accounts should be disabled check, the Disabled accounts check will automatically exclude the user accounts included for that check.

The following table lists the error message for the check.

Table: Error message for Disabled accounts

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_DISABLED Category: ESM Administrative Information	UNIX (5140)	Title: Account disabled Description:The named accounts have been disabled. This message provides information but does not require any action on your part.	Severity: green-0 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_DISABLED

Category: ESM Administrative Information

UNIX (5140)

Title: Account disabled

Description:The named accounts have been disabled. This message provides information but does not require any action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]