Hi,

Does BaaN keep a log of all failure login attempt from users? I have search the forum but unable to get any related thread. Maybe I am searching the wrong keyword?

Can anyone show me a way to read those log file if possible or point me to the correct thread. Thank you very much.

Server info:
BaaN IVb4
Sun Solaris 5.8
Portingset 6.1c.06.07
BW B40c.62

check the file log.licd6.x in $BSE/log folder.

I have tried that, but nothing was log when someone key in a wrong password.

In Baan you have to distinguish between Baan an Portingset... OS specific tasks are performed by the portingset.

When connecting to Baan it a client server issue. The client process (bshell) is running on a server and passing information to the client. But before information can be logged by client connections you need a connection to the server to start the bshell process there as an authorized user.

In this case Baan does not log who fails to login because the login is done on OS level, not in Baan.

(Domain login) Baan Server login - Baan login (license issue etc, log.licd6.X) - working in Baan.

Failing logins should be logged on OS level see the logfiles there. On (HP)Unix you can use command lastb.

Problem is that for users who use GUI client, the OS dun register it as a login and so nothing was log under the command "last"

Currently I got one suggestion from BaaN that we are still reviewing but I am still open to suggestion.

Thank again.

From Unix command "man wtmp":

File utmp contains a record of all users logged onto the system.

File btmp contains bad login entries for each invalid logon attempt.

File wtmp contains a record of all logins and logouts.

On my HP-UX system, these are located in /usr/adm. Ask your Unix SysAdmin for more details on what they keep, for how long, and where.

Originally posted by Brendan Shine
From Unix command "man wtmp":

File utmp contains a record of all users logged onto the system.

File btmp contains bad login entries for each invalid logon attempt.

File wtmp contains a record of all logins and logouts.

On my HP-UX system, these are located in /usr/adm. Ask your Unix SysAdmin for more details on what they keep, for how long, and where.

This does not work unless users is using BaaN as a telnet session. If using GUI mode such as BaaN client, nothing is log by the OS.

I just did BW-GUI rexec to test box as Baan User "shineb" using xxx as password to force a failure.

Here is what showed up in the Unix log file /usr/adm/btmp:

$ strings -a btmp | tail
aik199061.aik.va
=kbeattan
rexecd
appp775.app.valm
kbeattan
rexecd
appp775.app.valm
shineb
rexecd
130.04.90.7
$

Not sure why to say as to why your system isn't logging anything.

Is this the same in the Solaris because I am unable to find the file btmp?

I have also tried the same command on a few file that is the in the directory which have their modified time changed after I make a login failure but none show anything that has the failed login name.

Is this the same in the Solaris because I am unable to find the file btmp?

I have also tried the same command on a few file that is the in the directory which have their modified time changed after I make a login failure but none show anything that has the failed login name.

Use man -k btmp to see if your Solaris Unix manual pages find any keywords relating to btmp.

Look to see if you the following file exists:
/var/adm/loginlog

If not, create it (or have Unix sysadmin do it) so recording of failed logins is enabled:
touch /var/adm/loginlog
chown root /var/adm/loginlog
chgrp sys /var/adm/loginlog
chmod 660 /var/adm/loginlog

Once this file has been created, failed logins should be recorded in this ascii file according to a google search I did on "Solaris btmp".

Regards,
Brendan

To read the failed login file, can use lastb command (this works on HP-UX, not sure about Solaris--try it and see):

$ lastb
shineb rexecd Thu Oct 16 12:25

btmp begins Thu Oct 16 12:25
$

hi

utmp & wtmp database files are now obsolete by solaris 8. u may check with utmpx & wtmpx in /var/adm.

Sanjay

Originally posted by sanjayroongta
hi

utmp & wtmp database files are now obsolete by solaris 8. u may check with utmpx & wtmpx in /var/adm.

Sanjay

Yes, those are the 2 files I have checked but found nothing.

I have also check the loginlog but found nothing log as well. I guess the OS does not log any failure by program that do not directly login to it.