[Date Prev][Date Next]
Re: Not getting password expiry warnings on login
On Tuesday, 30 March 2010 19:50:15 Chris Jacobs wrote:
> I haven't had any success adding pwdChangedTime to accounts - and it seems
> you've assisted others with that issue - with the result being "ya can't
> do that".
> So, how do I add pwdChangedTime to accounts?
By updating userPassword, as covered in point (2) in my previous reply. See
> I'm being advised here to do so, but the only success I've had so far is
> painful: delete the entry, and use slapadd.
> - chris
> Yes, I've read the man page for ldapmodify - I see mention of some 'general
> extensions flag - but it doesn't make sense to me. I've also seen mention
> of a '-k' flag, but it's not an option with the version of ldapsearch
> compiled with openldap 2.4.
I provide a more complete script below.
> -----Original Message-----
> From: Buchan Milne [mailto:firstname.lastname@example.org]
> Sent: Tuesday, March 30, 2010 3:57 AM
> To: email@example.com
> Cc: Chris Jacobs
> Subject: Re: Not getting password expiry warnings on login
> > 2) I'm probably going to need to scrub these accounts
> > so that they're created correctly - likely through a slapcat - modify
> > output - wipe db (or delete entry) - slapadd (replace slapcat/add with
> > ldapmodify if that's your pref).
> No, update userPassword. E.g., something which does more or less:
> ldapsearch "(&(userPassword=*)(!(pwdChangedTime=*)))"
ldapsearch -LLL "(&(userPassword=*)(!(pwdChangedTime=*)))" userPassword|perl -
p0e 's/\n(userPassword:)/\nreplace: userPassword\n$1/g'|ldapmodify
Now, if you only have simple binds working, then you would need to do it this
read -p 'Enter Root DN: ' ROOTDN
read -s -p 'Enter Root DN Password: ' ROOTPW
ldapsearch -x -D "$ROOTDN" -w "$ROOTPW" -LLL "(&(userPassword=*)(!
(pwdChangedTime=*)))" userPassword|perl -p0e 's/\n(userPassword:)/\nreplace:
userPassword\n$1/g'|ldapmodify -x -D "$ROOTDN" -w "$ROOTPW"
However, if you don't yet know how to use ldapmodify and ldapsearch, you
really should try and learn ...