Web lists-archives.com

Re: [Samba] Users list and the date the password will expire




Hi list,

long time no see! :)

I was looking for an email reminder script for users whose password will expire. Some of our users are on long travels and will never see the Domain's default notification. I haven't found any complete (and simple) solution online. So I wrote one. In case it helps anyone, you find it below.

You should only have to fill in the blanks for the the "basedn" search parameter. Time conversion methods are taken from here:
http://meinit.nl/convert-active-directory-lastlogon-time-to-unix-readable-time

Ole




--

#!/bin/sh

max_pwAge=`samba-tool domain passwordsettings show | grep "Maximum password age" | tr -dc '0-9'`
user_list=`wbinfo -u`

basedn="OU=*,DC=*,DC=*,DC=*"

for user in $user_list; do

set_date=`ldbsearch -H /usr/local/samba/private/sam.ldb -s sub -b $basedn cn=$user | grep pwdLastSet | tr -dc '0-9'`

        if [ $set_date ] && [ $set_date -gt 1 ]; then

                UNIXTimeStamp=$((($set_date/10000000)-11644473600))
                then_sec=`date -d "1970-01-01 $UNIXTimeStamp sec GMT" +%s`
                now_sec=`date +%s`
                diff_days=$(( ( $now_sec - $then_sec )/60/60/24 ))
                exp_days=$(( $max_pwAge - $diff_days ))

if [ $exp_days == 90 ] || [ $exp_days == 60 ] || [ $exp_days == 30 ]; then

mail_string=`ldbsearch -H /usr/local/samba/private/sam.ldb -s sub -b $basedn cn=$user | grep mail` echo "Gotcha: $user" | mail -s "WARNING: Your domain account password will expire in $exp_days days!" ${mail_string:6}

                fi
        fi
done

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba