[Samba] Users list and the date the password will expire
Mark Foley
mfoley at ohprs.org
Sun Mar 26 18:32:53 UTC 2017
On 26 Mar 2017 09:20:35 +0100 Rowland Penny wrote
>
> On Sun, 26 Mar 2017 00:16:13 -0400
> Mark Foley via samba <samba at lists.samba.org> wrote:
>
> >
> > ldbsearch --url="/var/lib/samba/private/sam.ldb" -b
> > "DC=hprs,DC=local" -s sub
> > "(&(objectCategory=person)(objectClass=user)(sAMAccountName=mark))"
> > msDS-UserPasswordExpiryTimeComputed
> >
> > returns 0 records. Certainly because the --url refers the the
> > PRIVATE_DIR on the domain server, not the domain member. using
> > mail:/var/lib/... or mail.hprs.local:/var/lib/... and a few other
> > variations I could think of did not work.
> >
> > So, how do I get msDS-UserPasswordExpiryTimeComputed from a domain
> > member?
> >
>
> Try this:
>
> ldbsearch --url=ldap://A_DC_HOSTNAME -b "DC=hprs,DC=local" -s sub
> "(&(sAMAccountType=805306368)(sAMAccountName=mark))"
> msDS-UserPasswordExpiryTimeComputed
>
> Replace 'A_DC_HOSTNAME' with your DCs short hostname.
>
> Rowland
as root:
ldbsearch --url=ldap://mail -b "DC=hprs,DC=local" -s sub "(&(sAMAccountType=805306368)(sAMAccountName=mark))" msDS-UserPasswordExpiryTimeComputed
search error - LDAP error 1 LDAP_OPERATIONS_ERROR - <00002020: Operation unavailable without authentication> <>
When I added `-U user%pass` it worked. I don't suppose there is a way to NOT specify the
password? I'd rather not have to propigate the domain administrator's password among all the
domain members (-N did not work).
Thanks --Mark
More information about the samba
mailing list