Check password age


 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Check password age
# 1  
Old 12-18-2006
Check password age

Hi Guys,

I hope one of you has already done this and is kind enough to share your script with me.

I have a Solaris8 server that uses password aging for its local user accounts. I need a script that checks the age of the password and then sends the user an email if the password is about to expire. It needs to send an email when the password will expire in 10 days then it needs to send a second email when there is 5 days left before it expires. It also needs to send an email to an admin account if a password has already expired, including the root password.

Thanks...
Tornado
# 2  
Old 12-18-2006
# 3  
Old 12-18-2006
Thanks for that, I think I should be able to use it in a script to do what I want.
Tornado
# 4  
Old 12-19-2006
For anyone that might be interested in doing the same thing.. Here is my script
Code:
#! /bin/sh
#
# Goran Cvetanoski - 19/12/2006
#
# pwage
#
# This script works out the time left before a password expires
#
# It will send a reminder email 10 days and 3 days before the password
# will expire. The email will go to unix.admin@mydomain.com.au unless an
# alternate email address is specified. An email will also be sent if a
# password has expired.
#
# The following command will send results to unix.admin@mydomain.com.au
# pwage oracle
#
# Specify an alternate email address if you would like the results to be
# sent to a different email address.
# ie:
# pwage oracle oracledba@mydomain.com.au
#
#
# CHANGE LOG
# =========================================================================
# 19/12/2006 - Goran Base script created
#

LOG=/tmp/pwage.log

DASHES="-----------------------------"

show()
{
    echo "$DASHES $1 $DASHES" >> $LOG
    shift
    eval "$@" >> $LOG
    echo "" >> $LOG
}

usage ()
{
    echo " Usage: pwage user [email]"
    echo ""
    echo " user : User id to check password age"
    echo " email: Users email address. If not specified Unix"
    echo "        Admin will receive the email"
    echo ""
    echo " In these two examples unix.admin will be notified"
    echo " pwage oracle unix.admin@mydomain.com.au"
    echo " pwage oracle"
    echo ""
    echo " In this example oracledba will be notified"
    echo " pwage oracle oracledba@mydomain.com.au"
}

scriptargs()
{
        echo Date: `date`
        echo System: `uname -a`
}

SendMail()
{
    cat $LOG | mailx -s "$1" $NOTIFY
}

reminder ()
{

echo "Date: `date`"
echo ""
echo "Please change your password within the next $EXPIRE days"
}

expired ()
{
echo "Date: `date`"
echo ""
echo "The password for $USER has expired"
echo "$USER last changed their password on $LSTCNG"
echo "The maximum age for the password is $MAX days"
echo "and it has expired $EXPIRE days ago"
}

cat /dev/null > $LOG

if [ "$1" = "" ]
    then
        NOTIFY=unix.admin@mydomain.com.au
        show "U S A G E" usage
        SendMail "Error from command pwage on `uname -n`"
        cat $LOG
        cat /dev/null > $LOG
        exit 1
fi

if [ "$2" = "" ]
    then
        USER=$1
        NOTIFY=unix.admin@mydomain.com.au
    else
        USER=$1
        NOTIFY=$2
fi

CURRENT_EPOCH=`grep $USER /etc/shadow | cut -d: -f3`

# Find the epoch time since the user's password was last changed
EPOCH=`/bin/perl -e 'print int(time/(60*60*24))'`

# Compute the age of the user's password
AGE=`echo $EPOCH - $CURRENT_EPOCH | /bin/bc`

# Compute and display the number of days until password expiration
MAX=`grep $USER /etc/shadow | cut -d: -f5`
EXPIRE=`echo $MAX - $AGE | /bin/bc`

CHANGE=`echo $CURRENT_EPOCH + 1 | /bin/bc`
LSTCNG="`perl -e 'print scalar localtime('$CHANGE' * 24 *3600);'`"

if [ "$EXPIRE" = 10 ]
    then
        show "R E M I N D E R" reminder
        SendMail "$USER Password Info On `uname -n`"
fi

if [ "$EXPIRE" = 3 ]
    then
        show "R E M I N D E R" reminder
        SendMail "URGENT: $USER Password Info On `uname -n`"
fi

if [ "$EXPIRE" -lt 0 ]
    then
        show "E X P I R E D" expired
        SendMail "WARNING: $USER Password Expired On `uname -n`"
fi

# Uncomment the 2 lines below to see the results from the script
#echo "$USER's password expires in $EXPIRE days"
#echo "$USER last changed their password on $LSTCNG"

cat /dev/null > $LOG
exit 0


Last edited by Tornado; 02-05-2007 at 03:02 AM..
This User Gave Thanks to For This Post:
Tornado
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Check age of the file

hi, i am working on a shell script where i have 2 files & i need to check age of those files. one file should be of the same day and other shoudn't be more then 20 days old. how could i acheive this? please help!!!! (10 Replies)
Discussion started by: lovelysethii
10 Replies

2. Shell Programming and Scripting

how to check for valid password

I need to check if an account has a valid password. Would something like this work? read ACCNAME if grep -q "^$ACCNAME:\$6:" /etc/shadow; thenI noticed every entry in my shadow file that has a password starts with $6 ... it works for my current setup, but would it always work? I can't test... (4 Replies)
Discussion started by: ADay2Long
4 Replies

3. Solaris

Check when password expires

How do I check to see when a password expires on a user account with using the CLI? (1 Reply)
Discussion started by: jastanle84
1 Replies

4. UNIX for Dummies Questions & Answers

Check password strength

For moderator: I made a new thread in a proper part of the forum now https://www.unix.com/homework-coursework-questions/137119-user-processes.html But now i wan't to make something which isn't related to a homework, so i hope you won't close this one. Thanks to those two answers, you helped me!... (9 Replies)
Discussion started by: petel1
9 Replies

5. Red Hat

max age password question

Hi All, I got a definition on /etc/login.defs PASS_MAX_DAYS 41 and on /etc/shadow, most of the user id fifth column (max age) is 40. Is that different policy or not? If it is the same policy, then the above policy don't match, right. Thanks for any comment you may add. Cheers,... (2 Replies)
Discussion started by: itik
2 Replies

6. Shell Programming and Scripting

How can I check that a password is correct?

Hi there, There's something I don't understand. The same string does not give the same md5 hash everytime. I wanted to find a way to check someone's password but the following script obviously shows that it's not possible that way : ks354286:~# user=foo ks354286:~# pw=$(mkpasswd -H md5... (3 Replies)
Discussion started by: chebarbudo
3 Replies

7. AIX

"password min age" setting

How do you change default setting on password expiration field? My default setting has 15 weeks for "password min age", and I would like it to be 0 for all of my current users as well as futures users created. I guess there's a default file that I need to update, but I don't know where it is.... (2 Replies)
Discussion started by: pdtak
2 Replies

8. Solaris

How to set Root password age limit in Solaris 9/10

Hi Friends, Can anyone tell me how can I set the password age limit for root user to 14 days....??? Also would like to add following for root password; min-alpha --- 4 min-other --- 1 min-length -- 6 min-diff ----- 3 How can I do these on command line....??? Regards, jumadhiya (7 Replies)
Discussion started by: jumadhiya
7 Replies

9. Solaris

password complexity check

Hi, I am looking for a simple way to : - force the user to change his password following the first connexion - check the complexity of a password (password should has a least 8 characters with 1 special char and 1 alpha...). Thinks for your help (1 Reply)
Discussion started by: dbsora
1 Replies

10. UNIX for Dummies Questions & Answers

password check

Hi While using Pipe concept ,if a user enters a "login name" and "paswword" ,then how does a child process check for user password is correct or not and give notification to parent process. (1 Reply)
Discussion started by: riya
1 Replies
Login or Register to Ask a Question