[Samba] Users list and the date the password will expire
Ole Traupe
ole.traupe at tu-berlin.de
Wed Feb 8 16:37:54 UTC 2017
Hi list,
long time no see! :)
I was looking for an email reminder script for users whose password will
expire. Some of our users are on long travels and will never see the
Domain's default notification. I haven't found any complete (and simple)
solution online. So I wrote one. In case it helps anyone, you find it below.
You should only have to fill in the blanks for the the "basedn" search
parameter. Time conversion methods are taken from here:
http://meinit.nl/convert-active-directory-lastlogon-time-to-unix-readable-time
Ole
--
#!/bin/sh
max_pwAge=`samba-tool domain passwordsettings show | grep "Maximum
password age" | tr -dc '0-9'`
user_list=`wbinfo -u`
basedn="OU=*,DC=*,DC=*,DC=*"
for user in $user_list; do
set_date=`ldbsearch -H /usr/local/samba/private/sam.ldb -s sub
-b $basedn cn=$user | grep pwdLastSet | tr -dc '0-9'`
if [ $set_date ] && [ $set_date -gt 1 ]; then
UNIXTimeStamp=$((($set_date/10000000)-11644473600))
then_sec=`date -d "1970-01-01 $UNIXTimeStamp sec GMT" +%s`
now_sec=`date +%s`
diff_days=$(( ( $now_sec - $then_sec )/60/60/24 ))
exp_days=$(( $max_pwAge - $diff_days ))
if [ $exp_days == 90 ] || [ $exp_days == 60 ] || [
$exp_days == 30 ]; then
mail_string=`ldbsearch -H
/usr/local/samba/private/sam.ldb -s sub -b $basedn cn=$user | grep mail`
echo "Gotcha: $user" | mail -s "WARNING: Your
domain account password will expire in $exp_days days!" ${mail_string:6}
fi
fi
done
More information about the samba
mailing list