How to list inactive user accounts in AIX 5.3?

Hello,

I have a situation where I am asked to get a list of all inactive users (expired or locked in the last 41 days). I looked for /etc/shadow (no such file on my server). I referred to some old threads but did not find useful information.
I'm using AIX 5.3. I have a total of 1641 users on the server.

Folks, answers are really appreciated. Thank you. :slight_smile:

There is no /etc/shadow on AIX. A similar file is /etc/security/passwd and some others in that directory. The information you are looking for should be in /etc/security/lastlog.

@zaxxon - thanks for the reply.
How can I break it down simply to locate only inactive users (expired or locked in the last 41 days) from /etc/security/lastlog? I have 1641 user accounts. Could anybody please post a script to make this operation simple? Thank you - Sumit

Here's a script I copied from another forum and quickly tested on one of my boxes:

#!/usr/bin/ksh
#set -x

# Try this script.
# It will check and lock the accounts automatically for those logins that
# have not been used for a set number of days.

expdays=60 #<< ---- Set number of days in past here!
let expiry=86400*$expdays
locked=" "
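# basename keeps the log directly under /tmp even when the script is started with a path
LOG_FILE=/tmp/$(basename "$0").log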
tmp1=/tmp/exp.tmp1.$$
tmp2=/tmp/exp.tmp2.$$
tmp2a=/tmp/exp.tmp2a.$$
tmp3=/tmp/exp.tmp3.$$

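# List all users that are allowed to login
# (system accounts are excluded by exact name; an unanchored pattern would also drop any user whose name contains "bin", "sys" or "adm")
lsuser -a login account_locked time_last_login ALL | grep -Ev '^(root|daemon|bin|sys|adm|nobody) ' | grep "login=true" > $tmp1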

# get all users who have logged in at least once with login date
grep 'time_last_login' $tmp1 | sed -e 's/login=true //' -e 's/account_locked=//' -e 's/time_last_login=//' >$tmp2

# get all users who have not logged in since creation
grep -v 'time_last_login' $tmp1 | sed -e 's/login=true //' -e 's/account_locked=//' >$tmp2a

# get today's date in seconds from epoch for comparison
year=`date +%Y`
day=`date +%j`
hour=`date +%H`
minute=`date +%M`

let today="($year - 1970) * 365 * 86400 + ($day - 1) * 86400 + $hour * 3600 + $minute * 60 + ($year - 1969) / 4 * 86400"

# for each user found, check whether the account has been unused too long
cat $tmp2 |while read user locked last; do
     let min=$today-$expiry
     if [[ $min -gt $last ]]; then
          let login="($today - $last) / 86400"
          echo $user':'$login':'$locked >> "$LOG_FILE"
          #chuser shell='/usr/local/bin/locked' account_locked='true' $user
     fi
done

# Remove the tmp files
rm $tmp1
rm $tmp2
rm $tmp2a

Once everything looks good in the LOG_FILE, you can uncomment the "chuser" line if you want to start locking them.

As a start, this will filter out all accounts that didn't log in during the last 41 days.
Bear in mind that this will also list technical users, for example for daemons, as they most probably never logged in.

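awk -v now="$(perl -e "print time")" '
   BEGIN{
      d=41                  # inactivity threshold in days
      el=now-(d*86400)      # epoch time of the cutoff
   }
   /:$/ {sub(/:/,""); a=$1; next}                        # stanza header: remember the user name
   /time_last_login/ && !/^\*/ {if($3 < el) {print a}}   # last login is older than the cutoff
' /etc/security/lastlog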

Filtering out locked accounts etc. is your part now :wink:

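The filtering that the answer above leaves open, as an added example that is not part of any post in this thread: it joins the lock state from an /etc/security/user style file with the last-login time from an /etc/security/lastlog style file and reports never-logged-in stanzas separately. The function names, the sample accounts and the fixed timestamp are constructed, and it assumes `account_locked` falls back to the `default` stanza when a user has no entry of its own.

```shell
#!/bin/sh
# Added example, not from the thread; the sample stanzas are constructed.
# inactive_report NOW DAYS USERFILE LASTLOG
#   prints user:days_idle:locked for stanzas idle longer than DAYS and
#   user:never:locked for stanzas that have no time_last_login line.
inactive_report() {
    awk -v now="$1" -v days="$2" '
        function emit(   lock) {
            if (!inlog) return
            lock = (user in locked) ? locked[user] : locked["default"]
            if (lock == "") lock = "false"     # assumption: unset means unlocked
            if (!seen) print user ":never:" lock
            else if (last < now - days * 86400)
                print user ":" int((now - last) / 86400) ":" lock
        }
        /^\*/ || NF == 0 { next }              # comment and blank lines
        /^[^ \t].*:$/ {                        # stanza header "name:"
            emit(); inlog = (NR != FNR)
            user = $1; sub(/:$/, "", user); seen = 0; next
        }
        NR == FNR { if ($1 == "account_locked") locked[user] = $3; next }
        $1 == "time_last_login" { last = $3 + 0; seen = 1 }
        END { emit() }
    ' "$3" "$4"
}
make_sample() {
    cat > "$1/user" <<'EOF'
default:
        account_locked = false
carol:
        account_locked = true
EOF
    cat > "$1/lastlog" <<'EOF'
alice:
        time_last_login = 1699900000
bob:
        time_last_login = 1690000000
carol:
        time_last_login = 1695000000
svcbatch:
        unsuccessful_login_count = 0
EOF
}
demo() {   # run the report at a fixed NOW so the output is reproducible
    dir=$(mktemp -d) || return 1
    make_sample "$dir"
    inactive_report 1700000000 41 "$dir/user" "$dir/lastlog"; rm -rf "$dir"
}
demo
```

On the server itself the call would be `inactive_report "$(perl -e 'print time')" 41 /etc/security/user /etc/security/lastlog`, run by an account that can read both files.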

:smiley: .. Thank you.

This script works. I was able to create a text file of inactive users. Thanks a ton.
