[Samba] Users list and the date the password will expire.

Tue Sep 1 13:00:28 UTC 2015

Ashish's way should be simpler :)

2015-09-01 14:59 GMT+02:00 mathias dufresne <infractory at gmail.com>:

> Hi,
>
> Perhaps there is a simpler manner to proceed, anyway this one should work:
>
> From http://www.epochconverter.com/epoch/ldap-timestamp.php you can learn
> how time is coded in MS Windows format. This format is used in Samba4.
>
> In each user object you should find "pwdLastSet" attribute. If this
> attribute is not present I expect user hasn't set a password at all.
>
> Next you need your DC password policy:
> samba-tool domain passwordsettings show
> Password informations for domain 'DC=domain,DC=tld'
>
> Password complexity: on
> Store plaintext passwords: off
> Password history length: 24
> Minimum password length: 7
> Minimum password age (days): 1
> *Maximum password age (days): 42*
> Account lockout duration (mins): 30
> Account lockout threshold (attempts): 0
> Reset account lockout after (mins): 30
>
> So you will have to convert current date minus password max age to MS
> Windows format as described in previous link then you will have to search
> for users with a pwdLastSet superior to the one you calculated.
>
> Cheers,
>
> mathias
>
>
> 2015-09-01 14:10 GMT+02:00 vinifa <vinicius at riodasostras.rj.gov.br>:
>
>> Hello guys! I need a help from you! I need on my list Samba4, all users
>> who
>> are with the password expired. This because where I work there is a great
>> turnover and the personnel department does not return me the users who are
>> not part of the staff. Thank you all!
>>
>>
>>
>> --
>> View this message in context:
>> http://samba.2283325.n4.nabble.com/Users-list-and-the-date-the-password-will-expire-tp4690644.html
>> Sent from the Samba - General mailing list archive at Nabble.com.
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>