[Samba] Users list and the date the password will expire

Ole Traupe ole.traupe at tu-berlin.de
Thu Feb 9 11:21:35 UTC 2017 

NOBODY updates my scripts! Except whoever wants, of course. ;)

Would you mind going into details regarding you changes?

Ole



On 09.02.2017 12:02, Rowland Penny via samba wrote:
> On Thu, 9 Feb 2017 11:26:55 +0100
> Ole Traupe <ole.traupe at tu-berlin.de> wrote:
>
>> But I got the timestamp subtraction constant right from the beginning!
>
> Hope you don't mind but I updated your script ;-)
>
> #!/bin/bash
>
> ### Set system defaults
>
> # Get path to sam.ldb
> LDBDIR=$(samba -b | grep 'PRIVATE_DIR' | awk -F ':' '{print $NF}' | sed 's/^ *//g')
> if [ -z "${LDBDIR}" ]; then
>      echo "This is supposed to be a DC, but cannot obtain the Private dir."
>      echo "Cannot Continue...Exiting."
>      exit 1
> else
>      LDBDB="${LDBDIR}/sam.ldb"
> fi
>
> # Get the default naming context of the domain # DC=samdom,DC=example,DC=com
> domainDN=$(ldbsearch -H "${LDBDB}" -b "" -s base defaultNamingContext | grep 'defaultNamingContext' | sed 's|defaultNamingContext: ||')
> if [ -z "${domainDN}" ]; then
>      echo "Could not obtain AD rootDSE"
>      exit 1
> fi
>
> user_list=$(wbinfo -u)
>
> for user in $user_list; do
>      user=$(echo "${user}" | awk -F '\\' '{print $2}')
>      user_expire_date=$(ldbsearch --url="${LDBDB}" -b "${domainDN}" -s sub "(&(objectCategory=person)(objectClass=user)(sAMAccountName=$user))" msDS-UserPasswordExpiryTimeComputed | grep "msDS-UserPasswordExpiryTimeComputed: " | sed "s|msDS-UserPasswordExpiryTimeComputed: ||")
>      UNIXTimeStamp=$((("${user_expire_date}"/10000000)-11644473600))
>      date_now=$(date +%s)
>      exp_days=$((("${UNIXTimeStamp}" - "${date_now}") / 3600 / 24))
>      if [ "${exp_days}" -le "0" ]; then
>          mail_string=$(ldbsearch --url="${LDBDB}" -b "${domainDN}" -s sub "(&(objectCategory=person)(objectClass=user)(sAMAccountName=$user))" mail | grep mail: | sed "s|mail: ||")
>          if [ -n "${mail_string}" ]; then
>              echo "Gotcha: ${user}" | mail -s "WARNING: Your domain account password has expired!!!" "${mail_string}"
>          fi
>      elif [ "${exp_days}" == "90" ] || [ "${exp_days}" == "60" ] || [ "${exp_days}" == "30" ]; then
>            mail_string=$(ldbsearch --url="${LDBDB}" -b "${domainDN}" -s sub "(&(objectCategory=person)(objectClass=user)(sAMAccountName=$user))" mail | grep mail: | sed "s|mail: ||")
>            if [ -n "${mail_string}" ]; then
>                echo echo "Gotcha: ${user}" | mail -s "WARNING: Your domain account password will expire in ${exp_days} days!" "${mail_string}"
>            fi
>      fi
> done
>
> exit 0
>

More information about the samba mailing list