[Samba] Users list and the date the password will expire.

mathias dufresne infractory at gmail.com
Tue Sep 1 12:59:33 UTC 2015


Perhaps there is a simpler manner to proceed, anyway this one should work:

>From http://www.epochconverter.com/epoch/ldap-timestamp.php you can learn
how time is coded in MS Windows format. This format is used in Samba4.

In each user object you should find "pwdLastSet" attribute. If this
attribute is not present I expect user hasn't set a password at all.

Next you need your DC password policy:
samba-tool domain passwordsettings show
Password informations for domain 'DC=domain,DC=tld'

Password complexity: on
Store plaintext passwords: off
Password history length: 24
Minimum password length: 7
Minimum password age (days): 1
*Maximum password age (days): 42*
Account lockout duration (mins): 30
Account lockout threshold (attempts): 0
Reset account lockout after (mins): 30

So you will have to convert current date minus password max age to MS
Windows format as described in previous link then you will have to search
for users with a pwdLastSet superior to the one you calculated.



2015-09-01 14:10 GMT+02:00 vinifa <vinicius at riodasostras.rj.gov.br>:

> Hello guys! I need a help from you! I need on my list Samba4, all users who
> are with the password expired. This because where I work there is a great
> turnover and the personnel department does not return me the users who are
> not part of the staff. Thank you all!
> --
> View this message in context:
> http://samba.2283325.n4.nabble.com/Users-list-and-the-date-the-password-will-expire-tp4690644.html
> Sent from the Samba - General mailing list archive at Nabble.com.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list