[Samba] Users list and the date the password will expire
Ole Traupe
ole.traupe at tu-berlin.de
Thu Feb 9 11:19:34 UTC 2017
Welcome, good to be able to give something back.
Find the update below. Also replaced container name ('cn') with
'sAMAccountName' for stability reasons (in case sub-units contain
machines as well).
Comment out 'echo' lines for (rooted) cron-based use - except the mail
send line, of course.
Ole
#!/bin/sh
max_pwAge=`samba-tool domain passwordsettings show | grep "Maximum
password age" | tr -dc '0-9'`
user_list=`wbinfo -u`
basedn="OU=*,DC=*,DC=*,DC=*"
for user in $user_list; do
exp_date=`ldbsearch -H /usr/local/samba/private/sam.ldb -s sub
-b $basedn sAMAccountName=$user msDS-UserPasswordExpiryTimeComputed |
grep msDS-UserPasswordExpiryTimeComputed | tr -dc '0-9'`
echo "User: " $user
echo "Password expiry date: " $exp_date
if [ $exp_date ] && [ $exp_date -gt 1 ]; then
UNIXTimeStamp=$((($exp_date/10000000)-11644473600))
exp_sec=`date -d "1970-01-01 $UNIXTimeStamp sec GMT" +%s`
now_sec=`date +%s`
exp_days=$(( ( $exp_sec - $now_sec )/60/60/24 ))
echo "Days to expiration: " $exp_days
if [ $exp_days == 90 ] || [ $exp_days == 60 ] || [
$exp_days == 30 ] || [ $exp_days == 20 ] || [ $exp_days == 10 ]; then
mail_string=`ldbsearch -H
/usr/local/samba/private/sam.ldb -s sub -b $basedn cn=$user mail | grep
mail`
echo "Gotcha: $user" | mail -s "WARNING: Your
domain account password will expire in $exp_days days!" ${mail_string:6}
echo "mail sent to user $user via
${mail_string:6}, password will expire in $exp_days days"
fi
fi
echo ""
done
On 09.02.2017 11:44, mj via samba wrote:
>
>
> On 02/09/2017 11:25 AM, Ole Traupe via samba wrote:
>> Exactly, and got reminded that I don't have to grep anything but can ask
>> for specific parameters. Been a while that I used ldbsearch. ;)
>>
>
> So there will be an updated version of your script? :-)
>
> Your script is something we could use as well, appreciated!
>
> MJ
>
More information about the samba
mailing list