

aix:scripts_category:check_password_expiration

This is an old revision of the document!


Check expired password

[root@nim01]/root# cat /root/scripts/bin/check_expire_user.sh
#!/bin/bash
#@(#) check expired password and send an email if required
# Will only check users with a password

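# --- Configuration -----------------------------------------------------------
# Mailbox that receives the report.
destination=it@mydom.com
# Directory and file holding the report built during this run.
logpath=/root/scripts/logs
logfile=$logpath/expired_users.txt
# Password age limit in days, applied by the loop below to accounts whose
# maxage attribute is reported as 0.
maxage_admin=90

# Reference time for all age calculations, in seconds since the epoch.
epoch_now=$(date +%s)

# The report lists accounts with stale passwords; files and directories
# created from here on are readable by the owner only. An already existing
# directory keeps its current mode.
umask 077

if [[ ! -d "$logpath" ]]; then
  if ! mkdir -p "$logpath"; then
    printf 'cannot create log directory %s\n' "$logpath" >&2
    exit 1
  fi
fi

# Start every run from an empty report so stale entries are never mailed again.
if ! : > "$logfile"; then
  printf 'cannot write report file %s\n' "$logfile" >&2
  exit 1
fi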

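# Walk every stanza of /etc/security/passwd that carries a lastupdate
# attribute (grep -p is the AIX paragraph mode) and report the accounts whose
# password is older than the allowed age.
# The loop runs in a pipeline subshell; that is fine because its only output
# is the report file.
grep -p lastupdate /etc/security/passwd | grep ':' | sed 's/://' |
while read -r usr; do
  [[ -n "$usr" ]] || continue

  # Each command prints a single "name attr=value" line; keep what follows "=".
  # When the attribute is missing the result is not a number and is caught by
  # the checks below.
  lastupdate_line=$(lssec -f /etc/security/passwd -a lastupdate -s "$usr")
  lastlogin_line=$(lsuser -a time_last_login "$usr")
  maxage_line=$(lsuser -a maxage "$usr")
  epoch_lastupdate=${lastupdate_line##*=}
  epoch_lastlogin=${lastlogin_line##*=}
  maxage=${maxage_line##*=}

  # Without numeric values the arithmetic below would fail with a syntax
  # error, so report the account on stderr and move on.
  if [[ ! "$epoch_lastupdate" =~ ^[0-9]+$ || ! "$maxage" =~ ^[0-9]+$ ]]; then
    printf 'skipping %s: lastupdate or maxage is not numeric\n' "$usr" >&2
    continue
  fi

  (( days_sincelastchange = (epoch_now - epoch_lastupdate) / (3600 * 24) ))

  # maxage is multiplied by 7 (the script treats it as a number of weeks).
  # A value of 0 falls back to the site-wide limit in days.
  if [[ "$maxage" == "0" ]]; then
    days_maxage=${maxage_admin}
  else
    (( days_maxage = 7 * maxage ))
  fi

  if (( days_sincelastchange > days_maxage )); then
    (( days_expired = days_sincelastchange - days_maxage ))

    # An account with no usable time_last_login used to reach date with a
    # non-numeric "@..." argument and produce an error plus an empty field.
    # NOTE(review): lsuser presumably omits the attribute for accounts that
    # never logged in; confirm on the target AIX level.
    if [[ "$epoch_lastlogin" =~ ^[0-9]+$ ]]; then
      lastlogin=$(/opt/freeware/bin/date --date="@${epoch_lastlogin}" +%Y/%m/%d-%T)
    else
      lastlogin=never
    fi

    printf 'Change the password for user %s expired since %s days, lastlogin %s\n' \
      "$usr" "$days_expired" "$lastlogin" >> "$logfile"
  fi
done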

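# Send the report only when at least one account was flagged (-s: the file
# exists and is not empty). The message lists account names and last-login
# times, so the destination should be a restricted administrative mailbox.
if [[ -s "$logfile" ]]; then
  mail -s "Expired users for server $(hostname)" "$destination" < "$logfile"
fi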