password expiry email notification

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
ArcaneMagus
Elite member
Elite member
Posts: 1138
Joined: Fri Sep 12, 2014 10:25 pm

password expiry email notification

Postby ArcaneMagus » Thu Feb 10, 2011 11:54 am

This forum has a bug where it randomly adds spaces in some words when they aren't wrapped in a [code ] block, it usually only shows up in LDAP filters though, not sure why. Anyway...
It looks like you only pasted part of the command as the full one looks like this (and works for me on 6.0.10 at least):

ldapsearch -w `zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'` -D uid=zimbra,cn=admins,cn=zimbra -x -h 192.168.1.6 -b ou=people,dc=domain,dc=com "(&(objectclass=posixAccount)(objectclass=sambaSamAccount))" | awk '/zimbraPasswordModifiedTime:/ {print substr($2,1,8)}'

20081016

20101115

...

I'm not sure which "awk" isn't working for you, the first or second? The first is to split out the password only from the response of the zmlocalconfig query, the second is what actually gets the password modified times.


2315smaj
Posts: 5
Joined: Sat Sep 13, 2014 1:37 am

password expiry email notification

Postby 2315smaj » Fri Feb 11, 2011 1:50 am

Yep, the ldapsearch command returns all zimbra users in domain. But the awk script don't work. It's even creating temp files in /tmp - just run and return 0.
I used ldapsearch command and awk script from second g_cos post.
ArcaneMagus
Elite member
Elite member
Posts: 1138
Joined: Fri Sep 12, 2014 10:25 pm

password expiry email notification

Postby ArcaneMagus » Fri Feb 11, 2011 12:50 pm

So it's creating the "/tmp/password_change_notification.msg" file? And this file looks like a raw mail message?
is the cron entry setup to run as the zimbra user?
2315smaj
Posts: 5
Joined: Sat Sep 13, 2014 1:37 am

password expiry email notification

Postby 2315smaj » Tue Feb 15, 2011 9:51 am

Thx, everything works fine now. Debug function was realy useful.
jummo
Advanced member
Advanced member
Posts: 120
Joined: Sat Sep 13, 2014 12:26 am

password expiry email notification

Postby jummo » Thu Sep 22, 2011 8:27 am

@g_kos: Thank you for your script!
I have extend the script a little bit to handle multi-domain setups.

Usage

Code: Select all

su - zimbra

/usr/local/bin/zm_password_notify.sh example.com example.net ...

Scripts
zm_password_notify.sh


Code: Select all

#!/bin/bash
for i in $@; do
domain=$(echo $i | sed -e 's/(.*)./dc=1,dc=/')

ldapsearch -w `zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'`
 -D uid=zimbra,cn=admins,cn=zimbra -x -h mail.example.com
 -b ou=people,${domain}
 "(&(objectclass=zimbraAccount)(!(objectclass=zimbraCalendarResource)))"
 zimbraMailDeliveryAddress
 zimbraPasswordModifiedTime

 displayName | awk -f /usr/local/bin/zm_password_notify.awk

done

zm_password_notify.awk

BEGIN {OFS=";";
max_age=30
warn_age=25
curtime=systime();
one_day=24 * 60 * 60
mail_msg="/tmp/password_change_notification.msg"
logfile="/tmp/zimbra_password_change.log"
}

/^dn: / {++no}
/zimbraMailDeliveryAddress:/ {email[no]=$2}
/zimbraPasswordModifiedTime:/ {datescalc($2)}
/displayName:/ {name[no]=substr($0,14)}

END{
for (x = 1; x
days_to_change[x]=pass_change_limit[x] - curtime;

if (curtime
status[x]="no need to notify yet";
}else

if (curtime
send_mail()
status[x]="send notification email"
}else

{days_to_change[x]="overdue";
status[x]="too late to notify"}

# unhash for debugging
#status_log()
}
}

function datescalc (field) {
lc_yyyy[no]=substr($2,1,4);
lc_mm[no]=substr($2,5,2);
lc_dd[no]=substr($2,7,2);
lc_epoch[no]=mktime(lc_yyyy[no]" "lc_mm[no]" "lc_dd[no]" 00 00 00")
trigger_date[no]=lc_epoch[no] + warn_age * one_day
pass_change_limit[no]=lc_epoch[no] + max_age * one_day
}

function send_mail(field) {
# get domain
domain=email[x];
sub(/.*@/, "", domain);
message[x]="From: Password Change Reminder
"
"User-Agent: Zimbra
"

"MIME-Version: 1.0
"

"To: "name[x]"
"
"Subject: Password change reminder (Automatic notification)

"

"Dear " name[x]",

Your current password will expire on " strftime("%d %B %Y ",pass_change_limit[x])".
"

"When you have a free minute, please login to https://mail."domain",
"

"enter your current username and password, and change your password to a new one.

"
"You have "strftime("%-j",days_to_change[x])" day(s) left.
"

"Regards,
IT-Support"

print message[x] > "/tmp/password_change_notification.msg"
system ("zmlmtpinject -r " email[x] " -s it-support@"domain " " mail_msg " > /dev/null")
close (mail_msg)
}

function status_log(field) {

print "Action: "status[x] "
Name: "name[x] "
Email: "email[x]

print "LastChangeDate: " strftime("%Y %m %d", lc_epoch[x]) "
LastChangeDateEpoch: " lc_epoch[x]

print "Current time: " strftime("%Y %m %d", curtime) "
Current time epoch: " curtime

print "Trigger time: " strftime("%Y %m %d", trigger_date[x]) "
Trigger time epoch: " trigger_date[x]

print "PassChange Limit: " strftime("%Y %m %d", pass_change_limit[x]) "
PassChange Limit: " pass_change_limit[x]

print "Time till change: " strftime("%-j",days_to_change[x]) "
Time till change epoch: " days_to_change[x]

print "
"
}
User avatar
ccelis5215
Outstanding Member
Outstanding Member
Posts: 530
Joined: Sat Sep 13, 2014 2:04 am
Location: Caracas - Venezuela
ZCS/ZD Version: 8.0.9.GA.6191.UBUNTU12.64 FOSS

password expiry email notification

Postby ccelis5215 » Fri Dec 06, 2013 4:41 pm

jummo wrote:@g_kos: Thank you for your script!
I have extend the script a little bit to handle multi-domain setups.


Usage



su - zimbra

/usr/local/bin/zm_password_notify.sh example.com example.net ...


Scripts
zm_password_notify.sh



#!/bin/bash



for i in $@; do



domain=$(echo $i | sed -e 's/(.*)./dc=1,dc=/')



ldapsearch -w `zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'`

-D uid=zimbra,cn=admins,cn=zimbra -x -h mail.example.com

-b ou=people,${domain}

"(&(objectclass=zimbraAccount)(!(objectclass=zimbraCalendarResource)))"

zimbraMailDeliveryAddress

zimbraPasswordModifiedTime

displayName | awk -f /usr/local/bin/zm_password_notify.awk

done


zm_password_notify.awk



BEGIN {OFS=";";

max_age=30

warn_age=25

curtime=systime();

one_day=24 * 60 * 60

mail_msg="/tmp/password_change_notification.msg"

logfile="/tmp/zimbra_password_change.log"

}





/^dn: / {++no}

/zimbraMailDeliveryAddress:/ {email[no]=$2}

/zimbraPasswordModifiedTime:/ {datescalc($2)}

/displayName:/ {name[no]=substr($0,14)}







END{

for (x = 1; x


days_to_change[x]=pass_change_limit[x] - curtime;



if (curtime
status[x]="no need to notify yet";

}else

if (curtime
send_mail()

status[x]="send notification email"

}else

{days_to_change[x]="overdue";

status[x]="too late to notify"}



# unhash for debugging

#status_log()

}

}



function datescalc (field) {

lc_yyyy[no]=substr($2,1,4);

lc_mm[no]=substr($2,5,2);

lc_dd[no]=substr($2,7,2);

lc_epoch[no]=mktime(lc_yyyy[no]" "lc_mm[no]" "lc_dd[no]" 00 00 00")

trigger_date[no]=lc_epoch[no] + warn_age * one_day

pass_change_limit[no]=lc_epoch[no] + max_age * one_day

}



function send_mail(field) {

# get domain

domain=email[x];

sub(/.*@/, "", domain);



message[x]="From: Password Change Reminder
"

"User-Agent: Zimbra
"

"MIME-Version: 1.0
"

"To: "name[x]"
"

"Subject: Password change reminder (Automatic notification)

"

"Dear " name[x]",

Your current password will expire on " strftime("%d %B %Y ",pass_change_limit[x])".
"

"When you have a free minute, please login to https://mail.
"

"enter your current username and password, and change your password to a new one.

"

"You have "strftime("%-j",days_to_change[x])" day(s) left.


"

"Regards,
IT-Support"

print message[x] > "/tmp/password_change_notification.msg"

system ("zmlmtpinject -r " email[x] " -s it-support@"domain " " mail_msg " > /dev/null")

close (mail_msg)

}



function status_log(field) {

print "Action: "status[x] "
Name: "name[x] "
Email: "email[x]

print "LastChangeDate: " strftime("%Y %m %d", lc_epoch[x]) "
LastChangeDateEpoch: " lc_epoch[x]

print "Current time: " strftime("%Y %m %d", curtime) "
Current time epoch: " curtime

print "Trigger time: " strftime("%Y %m %d", trigger_date[x]) "
Trigger time epoch: " trigger_date[x]

print "PassChange Limit: " strftime("%Y %m %d", pass_change_limit[x]) "
PassChange Limit: " pass_change_limit[x]

print "Time till change: " strftime("%-j",days_to_change[x]) "
Time till change epoch: " days_to_change[x]

print "


"

}


Thanks, works like a charm!
Just tweak a little bit on ldapsearch to fit our requirements.
ccelis
Dymx
Posts: 1
Joined: Wed Oct 18, 2017 9:17 am

Re: password expiry email notification

Postby Dymx » Wed Oct 18, 2017 9:23 am

This script isnt working because errors in awk file.

Code: Select all

awk: /opt/zimbra/scripts/zm_password_notify.awk:22: for (x = 1; x
awk: /opt/zimbra/scripts/zm_password_notify.awk:22:              ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:25: if (curtime
awk: /opt/zimbra/scripts/zm_password_notify.awk:25:            ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:27: }else
awk: /opt/zimbra/scripts/zm_password_notify.awk:27:  ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:31: send_mail()
awk: /opt/zimbra/scripts/zm_password_notify.awk:31:            ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:33: status[x]="send notification email"
awk: /opt/zimbra/scripts/zm_password_notify.awk:33:                                    ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:36: {days_to_change[x]="overdue";
awk: /opt/zimbra/scripts/zm_password_notify.awk:36:                             ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:38: status[x]="too late to notify"}
awk: /opt/zimbra/scripts/zm_password_notify.awk:38:                               ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:48: function datescalc (field) {
awk: /opt/zimbra/scripts/zm_password_notify.awk:48:                            ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:50: lc_yyyy[no]=substr($2,1,4);
awk: /opt/zimbra/scripts/zm_password_notify.awk:50:                           ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:51: lc_mm[no]=substr($2,5,2);
awk: /opt/zimbra/scripts/zm_password_notify.awk:51:                         ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:52: lc_dd[no]=substr($2,7,2);
awk: /opt/zimbra/scripts/zm_password_notify.awk:52:                         ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:54: lc_epoch[no]=mktime(lc_yyyy[no]" "lc_mm[no]" "lc_dd[no]" 00 00 00")
awk: /opt/zimbra/scripts/zm_password_notify.awk:54:                                                                    ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:55: trigger_date[no]=lc_epoch[no] + warn_age * one_day
awk: /opt/zimbra/scripts/zm_password_notify.awk:55:                                                   ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:56: pass_change_limit[no]=lc_epoch[no] + max_age * one_day
awk: /opt/zimbra/scripts/zm_password_notify.awk:56:                                                       ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:60: function send_mail(field) {
awk: /opt/zimbra/scripts/zm_password_notify.awk:60:                           ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:63: domain=email[x];
awk: /opt/zimbra/scripts/zm_password_notify.awk:63:                ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:64: sub(/.*@/, "", domain);
awk: /opt/zimbra/scripts/zm_password_notify.awk:64:                       ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:66: message[x]="From: Password Change Reminder
awk: /opt/zimbra/scripts/zm_password_notify.awk:66:            ^ unterminated string
awk: /opt/zimbra/scripts/zm_password_notify.awk:66: message[x]="From: Password Change Reminder
awk: /opt/zimbra/scripts/zm_password_notify.awk:66:            ^ syntax error

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 15 guests