-
Notifications
You must be signed in to change notification settings - Fork 0
Password Expiration Script
jtslear edited this page Jul 12, 2012
·
2 revisions
- This script provides end users a reminder when their domain password is soon to expire
- The script does a search into AD utilizing username ******************
- The search beings at 'ou=InforMed_Accounts,dc=splat,dc=local'
- The search filters for ONLY accounts in which the values 'pwdLastSet' and 'mail' have been populated
- The script will parse pwdLastSet, which is an awkward moment of time that M$ made, more on that later
- pwdLastSet is that computed to determine when their password should be set, and an alert is emailed to the user, if that account is due to expire w/i 14 days
- should an account password have not been changed in that window, and audit email is sent to technical services with the users name and the amount of days in which the account has last changed the password
- Script is located on **********************************
- it is executed by root each day at 1AM, Monday through Friday
- is calculated for every 100 nano seconds since Jan 1, 1601
- so my script converts that to epoch, linux system time, to do all the math