#!/bin/bash
# Local host name; interpolated into the per-user report line further down.
hostname=$(hostname)

# Sentinel stored in lastChanged / lastlog when the real value is missing.
errortext='ERROR:NEVER'

# First command-line argument; selects the report mode in the main loop.
arg=$1
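#######################################
# Print the short "user: email" line used by the filtered report modes.
# Globals:   user (read), email (read)
# Outputs:   one line on stdout
#######################################
function shortshow() {
  # Both values come from the directory, so they are passed as printf
  # arguments (never as the format) and quoted: unquoted expansion would
  # glob-expand a value such as "*" against the current directory.
  # A multi-valued mail attribute arrives as several lines; join them with
  # spaces so each account still produces exactly one output line.
  printf '%s: %s\n' "$user" "${email//$'\n'/ }"
}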
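#######################################
# Run an LDAP search and print the values of one attribute, one per line.
# Arguments: $1 - LDAP search filter, e.g. '(uid=*)'
#            $2 - attribute name to request and extract
# Outputs:   attribute values on stdout, with the "attr: " prefix removed
#######################################
function queryLDAPAttribute() {
  # -x selects simple authentication; no bind DN or password is passed here.
  # NOTE(review): presumably an anonymous bind unless ldap.conf supplies
  # credentials - confirm that this identity may read the attribute.
  #
  # Match the attribute only at the start of a line. An unanchored match
  # would also let through any line that merely contains "attr: " inside a
  # value, and that line would then be printed with its prefix intact.
  # $2 is used inside a regex, so callers must pass a plain attribute name.
  # Values emitted as "attr:: <base64>" do not match this pattern and are
  # skipped.
  ldapsearch -x "$1" "$2" | sed -n "s/^${2}: //p"
}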
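# Base DN, derived by stripping "cn=root," from the DN of the cn=root entry.
# NOTE(review): nothing else in this script reads basedn.
basedn=$(ldapsearch -x '(cn=root)' dn | grep -E '^dn: ' | sed 's/dn: cn=root,//')

# Maximum password age in seconds, read from the cn=default entry.
maxAge=$(queryLDAPAttribute '(cn=default)' pwdMaxAge)

# maxAge is directory-supplied text. Bash evaluates whatever string is
# substituted into $(( )) as an arithmetic expression, so only a plain
# decimal integer is allowed to reach it. An empty or multi-line result is
# rejected by the same check.
if [[ $maxAge =~ ^[0-9]+$ ]]; then
  # 10# forces base 10 so a value with leading zeros is not read as octal.
  # Accounts become "needs change" 2592000 s (30 days) before maxAge ...
  changeAge=$(( 10#$maxAge - 2592000 ))
  # ... and "removeable" once the password is twice as old as maxAge.
  deleteAge=$(( 2 * 10#$maxAge ))
else
  printf 'ERROR: pwdMaxAge from (cn=default) is not a plain integer: %q\n' "$maxAge" >&2
  # Only these two modes compare against the thresholds; refuse to run them
  # with unusable limits rather than emit a misleading account list.
  case "$arg" in
    --needschange | --removeable) exit 1 ;;
  esac
  changeAge=
  deleteAge=
fi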
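# Main report loop: one pass per uid found in the directory.
#
# For each account, collect the password-change time, creation time, mail
# address and last SSH login on this host, then either print the full report
# line (no mode) or print "user: email" via shortshow when the account
# matches the mode given in $arg.
#
# All per-account values come from the directory or from lastlog and are
# treated as untrusted text: they are quoted everywhere, never used as a
# printf format, and never evaluated as arithmetic.

# Read uids line by line; word-splitting the command output would also split
# on spaces inside a value and glob-expand it.
mapfile -t users < <(queryLDAPAttribute '(uid=*)' uid)

for user in "${users[@]}"; do
  [[ -n $user ]] || continue

  # The uid is re-inserted into a search filter below. Escape the RFC 4515
  # filter metacharacters so a uid containing them cannot change the filter.
  filter_uid=${user//\\/\\5c}
  filter_uid=${filter_uid//\*/\\2a}
  filter_uid=${filter_uid//\(/\\28}
  filter_uid=${filter_uid//\)/\\29}

  # Reset per-account state so a failed lookup can never reuse the age
  # computed for the previous account.
  delta=

  # Pull changed stats. "+" requests operational attributes. Compare the
  # attribute name exactly ($1) instead of grepping for a substring, which
  # would also pick up other attributes or values containing the same word.
  lastChanged=$(/usr/sbin/ldapsearch -x "(uid=${filter_uid})" + \
    | awk '$1 == "pwdChangedTime:" { print $2 }')
  created=$(/usr/sbin/ldapsearch -x "(uid=${filter_uid})" + \
    | awk '$1 == "createTimestamp:" { print $2 }')
  email=$(/usr/sbin/ldapsearch -x "(uid=${filter_uid})" \
    | awk '$1 == "mail:" { print $2 }')

  if [[ -z $lastChanged ]]; then
    lastChanged=$errortext
  else
    # The first 8 characters of pwdChangedTime are used as a YYYYMMDD date.
    changed_day=${lastChanged:0:8}
    if [[ $changed_day =~ ^[0-9]{8}$ ]] \
      && changed_epoch=$(date -d "$changed_day" +%s 2>/dev/null); then
      # Password age in seconds.
      delta=$(( $(date +%s) - changed_epoch ))
    else
      # Leave delta empty: the age-based modes below skip this account, and
      # the warning makes the gap visible to whoever runs the audit.
      printf 'WARNING: cannot parse pwdChangedTime %q for %q; age checks skipped\n' \
        "$lastChanged" "$user" >&2
    fi
  fi

  # Last login on this host: final line of the lastlog output for the user.
  lastlog=$(lastlog -u "$user" | tail -n 1)
  if [[ $lastlog == *'Never logged in'* ]]; then
    lastlog=$errortext
  else
    # Blank the first three columns, keeping the remainder of the line.
    lastlog=$(printf '%s\n' "$lastlog" | awk '{$1="";$2="";$3="";print $0 }')
  fi

  report="User $user (email: $email, created: $created) last changed their password on $lastChanged. They last logged in to SSH on $hostname on $lastlog"

  # The numeric comparisons deliberately use `[`, which accepts only plain
  # integers; `[[ ... -gt ... ]]` and `(( ))` would evaluate the operands as
  # arithmetic expressions, and the thresholds originate from directory data.
  case "$arg" in
    "--inactive")
      # Accounts that have never logged in on this host.
      if [[ $lastlog == "$errortext" ]]; then shortshow; fi
      ;;
    "--needschange")
      # No recorded password change, or the password is in the warning
      # window between changeAge and maxAge.
      if [[ $lastChanged == "$errortext" ]]; then
        shortshow
      elif [ -n "$delta" ] && [ "$delta" -gt "$changeAge" ] && [ "$delta" -lt "$maxAge" ]; then
        shortshow
      fi
      ;;
    "--expired")
      # NOTE(review): the limit is a fixed 31536000 s (365 days), not
      # maxAge - confirm this matches the password policy in force.
      if [[ $lastChanged != "$errortext" ]] && [ -n "$delta" ] && [ "$delta" -ge 31536000 ]; then
        shortshow
      fi
      ;;
    "--removeable")
      if [[ $lastChanged != "$errortext" ]] && [ -n "$delta" ] && [ "$delta" -ge "$deleteAge" ]; then
        shortshow
      fi
      ;;
    *)
      # Default: full report line. '%s' keeps any "%" or backslash in the
      # collected values from being interpreted by printf.
      printf '%s\n' "$report"
      ;;
  esac
done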