[ltb-dev] [LDAP Tool Box - Feature #295] checkLdapPwdExpiration.sh / minor issues

noreply at lsc-project.org noreply at lsc-project.org
Wed Mar 4 16:28:22 CET 2015


Issue #295 has been updated by Velin Budinov.


Hi, i have strange case, like Benjamin, my ou's are further branched in sub ou's

case 1:
MY_LDAP_SEARCHBASE="dc=methodia,dc=com"
MY_LDAP_SEARCHSCOPE="sub"

results:
Mar  4 17:22:55 ldap checkLdapPwdExpiration.sh[5197]: --- Statistics ---
Mar  4 17:22:55 ldap checkLdapPwdExpiration.sh[5197]: Users checked: 195
Mar  4 17:22:55 ldap checkLdapPwdExpiration.sh[5197]: Account expired: 112
Mar  4 17:22:55 ldap checkLdapPwdExpiration.sh[5197]: Account in warning: 0

case 2:
MY_LDAP_SEARCHBASE="ou=Users,dc=methodia,dc=com"
MY_LDAP_SEARCHSCOPE="one"

results:
Mar  4 17:26:10 ldap checkLdapPwdExpiration.sh[25072]: --- Statistics ---
Mar  4 17:26:10 ldap checkLdapPwdExpiration.sh[25072]: Users checked: 105
Mar  4 17:26:10 ldap checkLdapPwdExpiration.sh[25072]: Account expired: 37
Mar  4 17:26:10 ldap checkLdapPwdExpiration.sh[25072]: Account in warning: 5

If I use "sub" for scope, there are no accounts in warning! Any idea?

Regards,
Velin
----------------------------------------
Feature #295: checkLdapPwdExpiration.sh / minor issues
http://tools.lsc-project.org/issues/295

Author: Benjamin Griese
Status: Assigned
Priority: Low
Assigned to: Thomas Chemineau
Category: LDAP Scripts
Target version: ldap-scripts-0.4


Hello,
while trying to get the expiration mails working I felt into some trouble getting users from my DIT for the below small issues:

searching for users didn't work for me, because my ou's are further branched in sub ou's:
<pre>
@${MY_LDAP_SEARCHBIN} ${ldap_param} -s -one- -b "${MY_LDAP_SEARCHBASE}" \@
</pre>


I simply fixed that by using sub instead of one:
<pre>
@${MY_LDAP_SEARCHBIN} ${ldap_param} -s *sub* -b "${MY_LDAP_SEARCHBASE}" \@
</pre>

The next problem was the different behaviour/syntax of cut on my system than expected in your script in below lines.
The problem was the character extraction at the beginning by character number 0:
<pre>
@pwdChangedTime=`grep -w "pwdChangedTime:" ${buffer_file} | cut -d : -f 2 | cut -c 0-15 | sed "s/^ *//;s/ *$//"`@
</pre>

and

<pre>
@y=`echo ${pwdChangedTime} | cut -c 0-4`@
</pre>

fixed by beginning at 1
<pre>
@pwdChangedTime=`grep -w "pwdChangedTime:" ${buffer_file} | cut -d : -f 2 | cut -c 1-15 | sed "s/^ *//;s/ *$//"`@
</pre>

and

<pre>
@y=`echo ${pwdChangedTime} | cut -c 1-4`@
</pre>

Maybe the problem only appears with my version of the coreutils where cut belongs to.

Thanks for your great work anyway. :)

My System: 
SLES11 SP1
Stock OpenLDAP 2.4.20
coreutils-6.12-32.17 (provides /usr/bin/cut)


-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-dev/attachments/20150304/282aa901/attachment.htm>


More information about the ltb-dev mailing list