Web lists-archives.com

Re: [Samba] Users list and the date the password will expire

Welcome, good to be able to give something back.

Find the update below. Also replaced container name ('cn') with 'sAMAccountName' for stability reasons (in case sub-units contain machines as well).

Comment out 'echo' lines for (rooted) cron-based use - except the mail send line, of course.



max_pwAge=`samba-tool domain passwordsettings show | grep "Maximum password age" | tr -dc '0-9'`
user_list=`wbinfo -u`


for user in $user_list; do

exp_date=`ldbsearch -H /usr/local/samba/private/sam.ldb -s sub -b $basedn sAMAccountName=$user msDS-UserPasswordExpiryTimeComputed | grep msDS-UserPasswordExpiryTimeComputed | tr -dc '0-9'`

        echo "User: " $user
        echo "Password expiry date: " $exp_date

        if [ $exp_date ] && [ $exp_date -gt 1 ]; then

                exp_sec=`date -d "1970-01-01 $UNIXTimeStamp sec GMT" +%s`
                now_sec=`date +%s`
                exp_days=$(( ( $exp_sec - $now_sec )/60/60/24 ))

                echo "Days to expiration: " $exp_days

if [ $exp_days == 90 ] || [ $exp_days == 60 ] || [ $exp_days == 30 ] || [ $exp_days == 20 ] || [ $exp_days == 10 ]; then

mail_string=`ldbsearch -H /usr/local/samba/private/sam.ldb -s sub -b $basedn cn=$user mail | grep mail` echo "Gotcha: $user" | mail -s "WARNING: Your domain account password will expire in $exp_days days!" ${mail_string:6}

echo "mail sent to user $user via ${mail_string:6}, password will expire in $exp_days days"


        echo ""


On 09.02.2017 11:44, mj via samba wrote:

On 02/09/2017 11:25 AM, Ole Traupe via samba wrote:
Exactly, and got reminded that I don't have to grep anything but can ask
for specific parameters. Been a while that I used ldbsearch. ;)

So there will be an updated version of your script? :-)

Your script is something we could use as well, appreciated!


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba