Check password age

Tornado · #1 12-18-2006

Hi Guys,

I hope one of you has already done this and is kind enough to share your script with me.

I have a Solaris8 server that uses password aging for its local user accounts. I need a script that checks the age of the password and then sends the user an email if the password is about to expire. It needs to send an email when the password will expire in 10 days then it needs to send a second email when there is 5 days left before it expires. It also needs to send an email to an admin account if a password has already expired, including the root password.

Thanks...

anbu23 · #2 12-18-2006

check this link
http://groups-beta.google.com/group/...d1564cb6?hl=en

Tornado · #3 12-18-2006

Thanks for that, I think I should be able to use it in a script to do what I want.

Tornado · #4 12-19-2006

For anyone that might be interested in doing the same thing.. Here is my script

Code:

#! /bin/sh
#
# Goran Cvetanoski - 19/12/2006
#
# pwage
#
# This script works out the time left before a password expires
#
# It will send a reminder email 10 days and 3 days before the password
# will expire. The email will go to unix.admin@mydomain.com.au unless an
# alternate email address is specified. An email will also be sent if a
# password has expired.
#
# The following command will send results to unix.admin@mydomain.com.au
# pwage oracle
#
# Specify an alternate email address if you would like the results to be
# sent to a different email address.
# ie:
# pwage oracle oracledba@mydomain.com.au
#
#
# CHANGE LOG
# =========================================================================
# 19/12/2006 - Goran Base script created
#

LOG=/tmp/pwage.log

DASHES="-----------------------------"

show()
{
    echo "$DASHES $1 $DASHES" >> $LOG
    shift
    eval "$@" >> $LOG
    echo "" >> $LOG
}

usage ()
{
    echo " Usage: pwage user [email]"
    echo ""
    echo " user : User id to check password age"
    echo " email: Users email address. If not specified Unix"
    echo "        Admin will receive the email"
    echo ""
    echo " In these two examples unix.admin will be notified"
    echo " pwage oracle unix.admin@mydomain.com.au"
    echo " pwage oracle"
    echo ""
    echo " In this example oracledba will be notified"
    echo " pwage oracle oracledba@mydomain.com.au"
}

scriptargs()
{
        echo Date: `date`
        echo System: `uname -a`
}

SendMail()
{
    cat $LOG | mailx -s "$1" $NOTIFY
}

reminder ()
{

echo "Date: `date`"
echo ""
echo "Please change your password within the next $EXPIRE days"
}

expired ()
{
echo "Date: `date`"
echo ""
echo "The password for $USER has expired"
echo "$USER last changed their password on $LSTCNG"
echo "The maximum age for the password is $MAX days"
echo "and it has expired $EXPIRE days ago"
}

cat /dev/null > $LOG

if [ "$1" = "" ]
    then
        NOTIFY=unix.admin@mydomain.com.au
        show "U S A G E" usage
        SendMail "Error from command pwage on `uname -n`"
        cat $LOG
        cat /dev/null > $LOG
        exit 1
fi

if [ "$2" = "" ]
    then
        USER=$1
        NOTIFY=unix.admin@mydomain.com.au
    else
        USER=$1
        NOTIFY=$2
fi

CURRENT_EPOCH=`grep $USER /etc/shadow | cut -d: -f3`

# Find the epoch time since the user's password was last changed
EPOCH=`/bin/perl -e 'print int(time/(60*60*24))'`

# Compute the age of the user's password
AGE=`echo $EPOCH - $CURRENT_EPOCH | /bin/bc`

# Compute and display the number of days until password expiration
MAX=`grep $USER /etc/shadow | cut -d: -f5`
EXPIRE=`echo $MAX - $AGE | /bin/bc`

CHANGE=`echo $CURRENT_EPOCH + 1 | /bin/bc`
LSTCNG="`perl -e 'print scalar localtime('$CHANGE' * 24 *3600);'`"

if [ "$EXPIRE" = 10 ]
    then
        show "R E M I N D E R" reminder
        SendMail "$USER Password Info On `uname -n`"
fi

if [ "$EXPIRE" = 3 ]
    then
        show "R E M I N D E R" reminder
        SendMail "URGENT: $USER Password Info On `uname -n`"
fi

if [ "$EXPIRE" -lt 0 ]
    then
        show "E X P I R E D" expired
        SendMail "WARNING: $USER Password Expired On `uname -n`"
fi

# Uncomment the 2 lines below to see the results from the script
#echo "$USER's password expires in $EXPIRE days"
#echo "$USER last changed their password on $LSTCNG"

cat /dev/null > $LOG
exit 0

Thread Tools	Search this Thread
Show Printable Version Email this Page Subscribe to this Thread	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
how to check for valid password	ADay2Long	Shell Programming and Scripting	4	12-08-2011 11:35 PM
Check when password expires	jastanle84	Solaris	1	09-07-2010 11:23 AM
Check password strength	petel1	UNIX for Dummies Questions & Answers	9	05-27-2010 05:49 AM
How to check password expiry in AIX?	SanjayPasum	AIX	5	01-04-2009 01:29 PM
password check	riya	UNIX for Dummies Questions & Answers	1	03-26-2006 07:44 PM

The Following User Says Thank You to Tornado For This Useful Post:
mdm-jazz (05-04-2012)