[Samba] Users list and the date the password will expire
Ole Traupe
ole.traupe at tu-berlin.de
Wed Feb 8 17:32:15 UTC 2017
That was weird: didn't see (expect) there to be a discussion right on
the same topic going on at this very moment.
Ole
On 08.02.2017 17:37, Ole Traupe via samba wrote:
> Hi list,
>
> long time no see! :)
>
> I was looking for an email reminder script for users whose password
> will expire. Some of our users are on long travels and will never see
> the Domain's default notification. I haven't found any complete (and
> simple) solution online. So I wrote one. In case it helps anyone, you
> find it below.
>
> You should only have to fill in the blanks for the the "basedn" search
> parameter. Time conversion methods are taken from here:
> http://meinit.nl/convert-active-directory-lastlogon-time-to-unix-readable-time
>
>
> Ole
>
>
>
>
> --
>
> #!/bin/sh
>
> max_pwAge=`samba-tool domain passwordsettings show | grep "Maximum
> password age" | tr -dc '0-9'`
> user_list=`wbinfo -u`
>
> basedn="OU=*,DC=*,DC=*,DC=*"
>
> for user in $user_list; do
>
> set_date=`ldbsearch -H /usr/local/samba/private/sam.ldb -s sub
> -b $basedn cn=$user | grep pwdLastSet | tr -dc '0-9'`
>
> if [ $set_date ] && [ $set_date -gt 1 ]; then
>
> UNIXTimeStamp=$((($set_date/10000000)-11644473600))
> then_sec=`date -d "1970-01-01 $UNIXTimeStamp sec GMT"
> +%s`
> now_sec=`date +%s`
> diff_days=$(( ( $now_sec - $then_sec )/60/60/24 ))
> exp_days=$(( $max_pwAge - $diff_days ))
>
> if [ $exp_days == 90 ] || [ $exp_days == 60 ] || [
> $exp_days == 30 ]; then
>
> mail_string=`ldbsearch -H
> /usr/local/samba/private/sam.ldb -s sub -b $basedn cn=$user | grep mail`
> echo "Gotcha: $user" | mail -s "WARNING: Your
> domain account password will expire in $exp_days days!" ${mail_string:6}
>
> fi
> fi
> done
>
More information about the samba
mailing list