[Samba] Users list and the date the password will expire

Ole Traupe ole.traupe at tu-berlin.de
Thu Feb 9 10:25:45 UTC 2017 

Exactly, and got reminded that I don't have to grep anything but can ask 
for specific parameters. Been a while that I used ldbsearch. ;)

Ole


On 08.02.2017 18:46, Rowland Penny via samba wrote:
> On Wed, 8 Feb 2017 18:32:15 +0100
> Ole Traupe via samba <samba at lists.samba.org> wrote:
>
>> That was weird: didn't see (expect) there to be a discussion right on
>> the same topic going on at this very moment.
>>
>> Ole
>>
>>
>> On 08.02.2017 17:37, Ole Traupe via samba wrote:
>>> Hi list,
>>>
>>> long time no see! :)
>>>
>>> I was looking for an email reminder script for users whose password
>>> will expire. Some of our users are on long travels and will never
>>> see the Domain's default notification. I haven't found any complete
>>> (and simple) solution online. So I wrote one. In case it helps
>>> anyone, you find it below.
>>>
>>> You should only have to fill in the blanks for the the "basedn"
>>> search parameter. Time conversion methods are taken from here:
>>> http://meinit.nl/convert-active-directory-lastlogon-time-to-unix-readable-time
>>>
>>>
>>> Ole
>>>
>>>
>>>
>>>
>>> -- 
>>>
>>> #!/bin/sh
>>>
>>> max_pwAge=`samba-tool domain passwordsettings show | grep "Maximum
>>> password age" | tr -dc '0-9'`
>>> user_list=`wbinfo -u`
>>>
>>> basedn="OU=*,DC=*,DC=*,DC=*"
>>>
>>> for user in $user_list; do
>>>
>>>          set_date=`ldbsearch -H /usr/local/samba/private/sam.ldb -s
>>> sub -b  $basedn cn=$user | grep pwdLastSet | tr -dc '0-9'`
>>>
>>>          if [ $set_date ] && [ $set_date -gt 1 ]; then
>>>
>>> UNIXTimeStamp=$((($set_date/10000000)-11644473600))
>>>                  then_sec=`date -d "1970-01-01 $UNIXTimeStamp sec
>>> GMT" +%s`
>>>                  now_sec=`date +%s`
>>>                  diff_days=$(( ( $now_sec - $then_sec )/60/60/24 ))
>>>                  exp_days=$(( $max_pwAge - $diff_days ))
>>>
>>>                  if [ $exp_days == 90 ] || [ $exp_days == 60 ] || [
>>> $exp_days == 30 ]; then
>>>
>>>                          mail_string=`ldbsearch -H
>>> /usr/local/samba/private/sam.ldb -s sub -b $basedn cn=$user | grep
>>> mail` echo "Gotcha: $user" | mail -s "WARNING: Your
>>> domain account password will expire in $exp_days days!"
>>> ${mail_string:6}
>>>
>>>                  fi
>>>          fi
>>> done
>>>
>>
> Yes and now you know that you are using the wrong attribute LOL
>
> Rowland
>

More information about the samba mailing list