Article
Search
Shameless Plugs
Act Now!
Recent comments
Most Popular
Top Contributors
| User | Points |
|---|---|
| geoffc | 160,650 |
| dlythgoe | 21,925 |
| mfaris01 | 19,630 |
| mbluteau | 19,240 |
| DamianMyerscough | 18,220 |
| aburgemeister | 17,805 |
| mbluteau2 | 16,505 |
| davesimons | 15,300 |
| gchilders | 12,540 |
| dgersic | 11,505 |
Who's online
Online users
User login
2455
Checking Password Sync between Systems, in Bulk
Problem
A Forum reader recently asked:
"Does anyone know of a tool where you can check password sync between systems in bulk?"
And here's the response from Lothar Haeger ...
Solution
For two synced eDirectory trees, you can build a password check policy into the driver and trigger. For example, you can do this from a helper attribute that you can bulk-set with iManager. The sync status can then be written back to the helper attribute. Finally, you can turn the results into an Excel spreadsheet with Wolfgang Schreiber's excellent dsreport.exe (see www.novell.com/coolsolutions/tools/1448.html).
The policy would look something like this:
<rule> <description>Read</description> <conditions> <and> <if-op-attr mode="nocase" name="PwInSync" op="changing-to">check</if-op-attr> <if-association op="associated"/> </and> </conditions> <actions> <do-set-local-variable name="srcpw"> <arg-string> <token-src-attr name="nspmDistributionPassword"/> </arg-string> </do-set-local-variable> <do-set-local-variable name="destpw"> <arg-string> <token-dest-attr name="nspmDistributionPassword"/> </arg-string> </do-set-local-variable> <do-set-src-attr-value name="PwInSync"> <arg-value> <token-local-variable name="false"/> </arg-value> </do-set-src-attr-value> </actions> </rule> <rule> <description>Compare</description> <conditions> <and> <if-local-variable name="srcpw" op="available"/> <if-xpath op="true">$srcpw=$destpw</if-xpath> </and> </conditions> <actions> <do-set-src-attr-value name="PwInSync"> <arg-value> <token-local-variable name="true"/> </arg-value> </do-set-src-attr-value> </actions> </rule>
Systems without reversible passwords would be a bit more challenging, I guess ...
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.
Related Articles
User Comments
- Be the first to comment! To leave a comment you need to Login or Register
- 2455 reads
0