Page 2 of 2

password expiry email notification

Posted: Thu Feb 10, 2011 11:54 am
by ArcaneMagus
This forum has a bug where it randomly adds spaces in some words when they aren't wrapped in a

Code: Select all

 block, it usually only shows up in LDAP filters though, not sure why. Anyway...
It looks like you only pasted part of the command as the full one looks like this (and works for me on 6.0.10 at least):

ldapsearch -w `zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'` -D uid=zimbra,cn=admins,cn=zimbra -x -h 192.168.1.6 -b ou=people,dc=domain,dc=com "(&(objectclass=posixAccount)(objectclass=sambaSamAccount))" | awk '/zimbraPasswordModifiedTime:/ {print substr($2,1,8)}'

20081016

20101115

...
I'm not sure which "awk" isn't working for you, the first or second? The first is to split out the password only from the response of the zmlocalconfig query, the second is what actually gets the password modified times.

password expiry email notification

Posted: Fri Feb 11, 2011 1:50 am
by 2315smaj
Yep, the ldapsearch command returns all zimbra users in domain. But the awk script don't work. It's even creating temp files in /tmp - just run and return 0.
I used ldapsearch command and awk script from second g_cos post.

password expiry email notification

Posted: Fri Feb 11, 2011 12:50 pm
by ArcaneMagus
So it's creating the "/tmp/password_change_notification.msg" file? And this file looks like a raw mail message?
is the cron entry setup to run as the zimbra user?

password expiry email notification

Posted: Tue Feb 15, 2011 9:51 am
by 2315smaj
Thx, everything works fine now. Debug function was realy useful.

password expiry email notification

Posted: Thu Sep 22, 2011 8:27 am
by jummo
@g_kos: Thank you for your script!
I have extend the script a little bit to handle multi-domain setups.

Usage

Code: Select all

su - zimbra

/usr/local/bin/zm_password_notify.sh example.com example.net ...

Scripts
zm_password_notify.sh

Code: Select all

#!/bin/bash
for i in $@; do
domain=$(echo $i | sed -e 's/(.*)./dc=1,dc=/')

ldapsearch -w `zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'` 
 -D uid=zimbra,cn=admins,cn=zimbra -x -h mail.example.com 
 -b ou=people,${domain} 
 "(&(objectclass=zimbraAccount)(!(objectclass=zimbraCalendarResource)))" 
 zimbraMailDeliveryAddress 
 zimbraPasswordModifiedTime 

 displayName | awk -f /usr/local/bin/zm_password_notify.awk

done

zm_password_notify.awk

BEGIN {OFS=";";
max_age=30
warn_age=25
curtime=systime();
one_day=24 * 60 * 60
mail_msg="/tmp/password_change_notification.msg"
logfile="/tmp/zimbra_password_change.log"
}

/^dn: / {++no}
/zimbraMailDeliveryAddress:/ {email[no]=$2}
/zimbraPasswordModifiedTime:/ {datescalc($2)}
/displayName:/ {name[no]=substr($0,14)}

END{
for (x = 1; x 
days_to_change[x]=pass_change_limit[x] - curtime;

if (curtime 
status[x]="no need to notify yet";
}else

if (curtime 
send_mail()
status[x]="send notification email"
}else

{days_to_change[x]="overdue";
status[x]="too late to notify"}

# unhash for debugging
#status_log()
}
}

function datescalc (field) {
lc_yyyy[no]=substr($2,1,4);
lc_mm[no]=substr($2,5,2);
lc_dd[no]=substr($2,7,2);
lc_epoch[no]=mktime(lc_yyyy[no]" "lc_mm[no]" "lc_dd[no]" 00 00 00")
trigger_date[no]=lc_epoch[no] + warn_age * one_day
pass_change_limit[no]=lc_epoch[no] + max_age * one_day
}

function send_mail(field) {
# get domain
domain=email[x];
sub(/.*@/, "", domain);
message[x]="From: Password Change Reminder 
" 
"User-Agent: Zimbra
" 

"MIME-Version: 1.0
" 

"To: "name[x]" 
" 
"Subject: Password change reminder (Automatic notification)

" 

"Dear " name[x]",

Your current password will expire on " strftime("%d %B %Y ",pass_change_limit[x])".
" 

"When you have a free minute, please login to https://mail."domain",
" 

"enter your current username and password, and change your password to a new one.

" 
"You have "strftime("%-j",days_to_change[x])" day(s) left.
" 

"Regards,
IT-Support"

print message[x] > "/tmp/password_change_notification.msg"
system ("zmlmtpinject -r " email[x] " -s it-support@"domain " " mail_msg " > /dev/null")
close (mail_msg)
}

function status_log(field) {

print "Action: "status[x] "
Name: "name[x] "
Email: "email[x]

print "LastChangeDate: " strftime("%Y %m %d", lc_epoch[x]) "
LastChangeDateEpoch: " lc_epoch[x]

print "Current time: " strftime("%Y %m %d", curtime) "
Current time epoch: " curtime

print "Trigger time: " strftime("%Y %m %d", trigger_date[x]) "
Trigger time epoch: " trigger_date[x]

print "PassChange Limit: " strftime("%Y %m %d", pass_change_limit[x]) "
PassChange Limit: " pass_change_limit[x]

print "Time till change: " strftime("%-j",days_to_change[x]) "
Time till change epoch: " days_to_change[x]

print "
"
}

password expiry email notification

Posted: Fri Dec 06, 2013 4:41 pm
by ccelis5215
jummo wrote:@g_kos: Thank you for your script!
I have extend the script a little bit to handle multi-domain setups.


Usage



su - zimbra

/usr/local/bin/zm_password_notify.sh example.com example.net ...


Scripts
zm_password_notify.sh



#!/bin/bash



for i in $@; do



domain=$(echo $i | sed -e 's/(.*)./dc=1,dc=/')



ldapsearch -w `zmlocalconfig -s zimbra_ldap_password | awk '{print $3}'`

-D uid=zimbra,cn=admins,cn=zimbra -x -h mail.example.com

-b ou=people,${domain}

"(&(objectclass=zimbraAccount)(!(objectclass=zimbraCalendarResource)))"

zimbraMailDeliveryAddress

zimbraPasswordModifiedTime

displayName | awk -f /usr/local/bin/zm_password_notify.awk

done


zm_password_notify.awk



BEGIN {OFS=";";

max_age=30

warn_age=25

curtime=systime();

one_day=24 * 60 * 60

mail_msg="/tmp/password_change_notification.msg"

logfile="/tmp/zimbra_password_change.log"

}





/^dn: / {++no}

/zimbraMailDeliveryAddress:/ {email[no]=$2}

/zimbraPasswordModifiedTime:/ {datescalc($2)}

/displayName:/ {name[no]=substr($0,14)}







END{

for (x = 1; x


days_to_change[x]=pass_change_limit[x] - curtime;



if (curtime
status[x]="no need to notify yet";

}else

if (curtime
send_mail()

status[x]="send notification email"

}else

{days_to_change[x]="overdue";

status[x]="too late to notify"}



# unhash for debugging

#status_log()

}

}



function datescalc (field) {

lc_yyyy[no]=substr($2,1,4);

lc_mm[no]=substr($2,5,2);

lc_dd[no]=substr($2,7,2);

lc_epoch[no]=mktime(lc_yyyy[no]" "lc_mm[no]" "lc_dd[no]" 00 00 00")

trigger_date[no]=lc_epoch[no] + warn_age * one_day

pass_change_limit[no]=lc_epoch[no] + max_age * one_day

}



function send_mail(field) {

# get domain

domain=email[x];

sub(/.*@/, "", domain);



message[x]="From: Password Change Reminder
"

"User-Agent: Zimbra
"

"MIME-Version: 1.0
"

"To: "name[x]"
"

"Subject: Password change reminder (Automatic notification)

"

"Dear " name[x]",

Your current password will expire on " strftime("%d %B %Y ",pass_change_limit[x])".
"

"When you have a free minute, please login to https://mail.
"

"enter your current username and password, and change your password to a new one.

"

"You have "strftime("%-j",days_to_change[x])" day(s) left.


"

"Regards,
IT-Support"

print message[x] > "/tmp/password_change_notification.msg"

system ("zmlmtpinject -r " email[x] " -s it-support@"domain " " mail_msg " > /dev/null")

close (mail_msg)

}



function status_log(field) {

print "Action: "status[x] "
Name: "name[x] "
Email: "email[x]

print "LastChangeDate: " strftime("%Y %m %d", lc_epoch[x]) "
LastChangeDateEpoch: " lc_epoch[x]

print "Current time: " strftime("%Y %m %d", curtime) "
Current time epoch: " curtime

print "Trigger time: " strftime("%Y %m %d", trigger_date[x]) "
Trigger time epoch: " trigger_date[x]

print "PassChange Limit: " strftime("%Y %m %d", pass_change_limit[x]) "
PassChange Limit: " pass_change_limit[x]

print "Time till change: " strftime("%-j",days_to_change[x]) "
Time till change epoch: " days_to_change[x]

print "


"

}
Thanks, works like a charm!
Just tweak a little bit on ldapsearch to fit our requirements.
ccelis

Re: password expiry email notification

Posted: Wed Oct 18, 2017 9:23 am
by Dymx
This script isnt working because errors in awk file.

Code: Select all

awk: /opt/zimbra/scripts/zm_password_notify.awk:22: for (x = 1; x
awk: /opt/zimbra/scripts/zm_password_notify.awk:22:              ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:25: if (curtime
awk: /opt/zimbra/scripts/zm_password_notify.awk:25:            ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:27: }else
awk: /opt/zimbra/scripts/zm_password_notify.awk:27:  ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:31: send_mail()
awk: /opt/zimbra/scripts/zm_password_notify.awk:31:            ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:33: status[x]="send notification email"
awk: /opt/zimbra/scripts/zm_password_notify.awk:33:                                    ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:36: {days_to_change[x]="overdue";
awk: /opt/zimbra/scripts/zm_password_notify.awk:36:                             ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:38: status[x]="too late to notify"}
awk: /opt/zimbra/scripts/zm_password_notify.awk:38:                               ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:48: function datescalc (field) {
awk: /opt/zimbra/scripts/zm_password_notify.awk:48:                            ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:50: lc_yyyy[no]=substr($2,1,4);
awk: /opt/zimbra/scripts/zm_password_notify.awk:50:                           ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:51: lc_mm[no]=substr($2,5,2);
awk: /opt/zimbra/scripts/zm_password_notify.awk:51:                         ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:52: lc_dd[no]=substr($2,7,2);
awk: /opt/zimbra/scripts/zm_password_notify.awk:52:                         ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:54: lc_epoch[no]=mktime(lc_yyyy[no]" "lc_mm[no]" "lc_dd[no]" 00 00 00")
awk: /opt/zimbra/scripts/zm_password_notify.awk:54:                                                                    ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:55: trigger_date[no]=lc_epoch[no] + warn_age * one_day
awk: /opt/zimbra/scripts/zm_password_notify.awk:55:                                                   ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:56: pass_change_limit[no]=lc_epoch[no] + max_age * one_day
awk: /opt/zimbra/scripts/zm_password_notify.awk:56:                                                       ^ unexpected newline or end of string
awk: /opt/zimbra/scripts/zm_password_notify.awk:60: function send_mail(field) {
awk: /opt/zimbra/scripts/zm_password_notify.awk:60:                           ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:63: domain=email[x];
awk: /opt/zimbra/scripts/zm_password_notify.awk:63:                ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:64: sub(/.*@/, "", domain);
awk: /opt/zimbra/scripts/zm_password_notify.awk:64:                       ^ syntax error
awk: /opt/zimbra/scripts/zm_password_notify.awk:66: message[x]="From: Password Change Reminder
awk: /opt/zimbra/scripts/zm_password_notify.awk:66:            ^ unterminated string
awk: /opt/zimbra/scripts/zm_password_notify.awk:66: message[x]="From: Password Change Reminder
awk: /opt/zimbra/scripts/zm_password_notify.awk:66:            ^ syntax error

Dates of all a user's password changes

Posted: Wed Dec 29, 2021 9:39 am
by gianko
Is there a command that shows us the dates of all changes to a user's password?
The command
zmprov sa -v "mail=user@domain.com" | egrep '^ mail: | zimbraPasswordModifiedTime: | ^ $ '
shows us only the last change