[Samba] Users list and the date the password will expire
Rowland Penny
rpenny at samba.org
Wed Feb 8 17:46:23 UTC 2017
On Wed, 8 Feb 2017 18:32:15 +0100
Ole Traupe via samba <samba at lists.samba.org> wrote:
> That was weird: didn't see (expect) there to be a discussion right on
> the same topic going on at this very moment.
>
> Ole
>
>
> On 08.02.2017 17:37, Ole Traupe via samba wrote:
> > Hi list,
> >
> > long time no see! :)
> >
> > I was looking for an email reminder script for users whose password
> > will expire. Some of our users are on long travels and will never
> > see the Domain's default notification. I haven't found any complete
> > (and simple) solution online. So I wrote one. In case it helps
> > anyone, you find it below.
> >
> > You should only have to fill in the blanks for the the "basedn"
> > search parameter. Time conversion methods are taken from here:
> > http://meinit.nl/convert-active-directory-lastlogon-time-to-unix-readable-time
> >
> >
> > Ole
> >
> >
> >
> >
> > --
> >
> > #!/bin/sh
> >
> > max_pwAge=`samba-tool domain passwordsettings show | grep "Maximum
> > password age" | tr -dc '0-9'`
> > user_list=`wbinfo -u`
> >
> > basedn="OU=*,DC=*,DC=*,DC=*"
> >
> > for user in $user_list; do
> >
> > set_date=`ldbsearch -H /usr/local/samba/private/sam.ldb -s
> > sub -b $basedn cn=$user | grep pwdLastSet | tr -dc '0-9'`
> >
> > if [ $set_date ] && [ $set_date -gt 1 ]; then
> >
> > UNIXTimeStamp=$((($set_date/10000000)-11644473600))
> > then_sec=`date -d "1970-01-01 $UNIXTimeStamp sec
> > GMT" +%s`
> > now_sec=`date +%s`
> > diff_days=$(( ( $now_sec - $then_sec )/60/60/24 ))
> > exp_days=$(( $max_pwAge - $diff_days ))
> >
> > if [ $exp_days == 90 ] || [ $exp_days == 60 ] || [
> > $exp_days == 30 ]; then
> >
> > mail_string=`ldbsearch -H
> > /usr/local/samba/private/sam.ldb -s sub -b $basedn cn=$user | grep
> > mail` echo "Gotcha: $user" | mail -s "WARNING: Your
> > domain account password will expire in $exp_days days!"
> > ${mail_string:6}
> >
> > fi
> > fi
> > done
> >
>
>
Yes and now you know that you are using the wrong attribute LOL
Rowland
More information about the samba
mailing list