[Samba] Users list and the date the password will expire
Mark Foley
mfoley at ohprs.org
Tue Mar 28 15:23:23 UTC 2017
On Mon, 27 Mar 2017 11:54:56 -0400 Mark Foley wrote:
>
> On Sun, 26 Mar 2017 20:51:26 -0400 Mark Foley wrote:
> >
> > On Sun, 26 Mar 2017 19:31:48 -0400 Mark Foley wrote:
> > >
> > > On Sun, 26 Mar 2017 19:53:01 +0100 Rowland Penny wrote:
> > > >
> > > > Sorry, forgot about the required authentication, try it with '-P'
> > > > without '-U administrator'
> > > >
> > > > Rowland
> > >
> > > Great! That did it. Final command:
> > >
> > > ldbsearch --url=ldap://mail -b "DC=hprs,DC=local" -P -s sub "(&(sAMAccountType=805306368)(sAMAccountName=$USER))" msDS-UserPasswordExpiryTimeComputed
> >
> > Not quite where I need to be. The above with the -P option works on the domain member when
> > logged in as root. I had planned on interecepting the lightDM login program to incorporate
> > this, but in fact I have no idea what that is or where to find it.
> >
> > Is there a way a user can run ldbsearch ... without specifying a password?
> >
> > Is ldbsearch the only way to get a user's expiryTime?
> >
>
> I figured out a way to have a normal user authenticate with ldbsearch. Instead of -P use: -k yes
>
It seems like there is no endpoint to this problem! After changing user 'mark's password, the
ldbsearch no longer works with the -k yes parameter:
$ /usr/bin/ldbsearch --url=ldap://mail -b "DC=hprs,DC=local" -k yes -s sub "(&(sAMAccountType=805306368)(sAMAccountName=$USER))" msDS-UserPasswordExpiryTimeComputed
Password for [HPRS\mark]:
I am now prompted for a password. How do I fix this?
Thanks --Mark
More information about the samba
mailing list