Re: [Fed-Talk] Applescript for local password expiration
Re: [Fed-Talk] Applescript for local password expiration
- Subject: Re: [Fed-Talk] Applescript for local password expiration
- From: David Solin <email@hidden>
- Date: Thu, 13 Dec 2012 15:03:35 -0600
- Organization: jOVAL
That's very neat!
If you wanted to manage OSX local account password expiration
centrally, you can use the OVAL unix:shadow_test.
Regards,
--David
On 12/13/2012 2:40 PM, Michael Kluskens
wrote:
For anyone interested here is an AppleScript to put up a password expiration warning 14 days before a local account expires assuming a 90 day expiration. A slight mod would make this work for ActiveDirectory and Open Directory servers, but there are a number of scripts and programs available to do that.
set lastpwdOD to do shell script "user=`whoami` ; dscl . -readpl /Users/$user PasswordPolicyOptions passwordTimestamp| sed 's/passwordTimestamp: //' "
set y to text 1 thru 4 of (lastpwdOD as text)
set m to text 6 thru 7 of (lastpwdOD as text)
set d to text 9 thru 10 of (lastpwdOD as text)
set lastpwdAS to (m & "/" & d & "/" & y)
set lastpwd to date (lastpwdAS as string)
set changepwd to lastpwd + 90 * days
set daysleft to ((changepwd - (current date)) / days)
set intdaysleft to (daysleft as integer)
if (intdaysleft < 14) then
if (intdaysleft < 1) then
display dialog ("Please change your password immediately")
else
display dialog ("Please change your password soon, you have " & (daysleft as integer) & " days left")
end if
end if
I'm sure this could be fancied up but it does what I need.
Michael
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden