Welcome to Cool Solutions

Submitted By ChrisRandles on Fri. 05.09.2008

license:

Free

pwdcheck.pl (Size 23k) - Chris Randles v1.0 2008-05-07

PROGRAM PURPOSE:

Analyze output from the Daigpwd utility and produce a useable list of eDirectory accounts who's eDirectory passwords are not synchronized with their Universal or Simple passwords. The output is in container order using the reverse object RDN.

PROGRAM REQUIREMENTS:

Input Requirements - The output from Diagpwd:

Use Daigpwd with the following syntax:

diagpwd <IP Address> <secure port> <Tree_Cert>.der <container to start search> sub <Admin Account> <password>

e.g. diagpwd 192.168.0.1 636 MyTree.der o=Novell sub cn=admin,o=Novell mypassword

Use redirection to output the data to a text file. e.g. add '> diagpwd.txt' to the end of the statement:

e.g. diagpwd 192.168.0.1 636 MyTree.der o=Novell sub cn=admin,o=Novell mypassword > diagpwd.txt

To acquire the Diagpwd utility go to the Novell downloads web page and search for 'diagpwd*'

NOTE: Diagpwd4 was the version at the time of writing this document.
Do not modify the output file from diagpwd!
Diagpwd takes a while to run. You can use LDAP tracing to follow it's progress.

The program has been tested using SUSE Linux 10 on x86_64 using Perl v5.8.8 and on MS Windows 2000 SP4 using ActivePerl v5.8.8. It should run on most Linux/Unix/Windows platforms with Perl v5.6 and above.

EXAMPLE INPUT DATA (output data from diagpwd):

Object DN: cn=MyAccount,ou=IT,ou=CA,o=Novell
     EMail: ChRandles@novell.com
     Last Changed Date: 2008-04-21 22:40:45 Z
     Password Status: Enabled, Set
     Distribution Password Status: Set
     Simple Password Status: Set
     Password Policy DN: cn=Password Policy,cn=Password Policies,cn=Security

Object DN: cn=ThatAccount,ou=Accounts,ou=CA,o=Novell
     EMail: NotReal@novell.com
     Last Changed Date: [UNKNOWN]
     Password Status: Enabled, Set
     Distribution Password Status: Not set
     Simple Password Status: Set
     Password Policy DN: cn=Password Policy,cn=Password Policies,cn=Security

Object DN: cn=NFAUUser,o=novell
     EMail: [NONE]
     Last Changed Date: [UNKNOWN]
     Password Status: Universal Password disabled, Not set
     Distribution Password Status: Not set
     Simple Password Status: Not set
     Password Policy DN: [NONE]

PROGRAM OUTPUT INCLUDES:

Password_Totals.txt
A file containing all of the totals derived by the program which appear in the various output files.

Bad_Passwords.txt
     List of objects where Universal and/or Simple passwords do not match NDS password:
     Number of objects with bad Universal and Simple Passwords
     Number of objects with bad Universal Password Only
     Number of objects with bad Simple Password Only
     Total number of objects with bad passwords

Universal_Password_Not_Enabled.txt
List of and Total number of objects with Universal Password NOT enabled

Universal_Password_Enabled.txt
List of and Total number of objects with Universal Password Enabled

Universal_Password_Set.txt
List of and Total number of objects with Universal Password Set

Universal_Password_Not_Set.txt
List of and Total number of objects with Universal Password NOT Set

Distribution_Password_Set.txt
List of and Total number of objects with Distribution Password Set

Distribution_Password_Not_Set.txt
List of and Total number of objects with Distribution Password NOT Set

Simple_Password_Set.txt
List of and Total number of objects with Simple Password Set

Simple_Password_Not_Set.txt
List of and Total number of objects with Simple Password NOT Set

Users_By_Last_Password_Change.txt
     List of objects ordered by password last changed date
     Number Users without a password last changed date
     Number of Users with a password last changed date

Users_By_Password_Policies.txt
List of objects ordered by assigned password policy
Number of Users assigned to each password policy

Excluded_Objects.txt
List of and Total number of objects excluded from the input data.

Passwords.csv
A csv formatted file containing the input data. One object per line.

A Total of 14 output files are created per program run. NOTE: Output files are over-written with each run.

EXCLUSIONS FILE:

Exclusions file format is a simple text list of object CNs to ignore.
Create a text file called 'exclude.txt' (case sensitive on Linux/Unix) and enter one CN per line (CN is case insensitive) e.g.:

UNIX

Bookmark/Search this post with:

Average:

Average: 4 (2 votes)

Attachment	Size
pwdcheck.pl.txt	22.02 KB

To leave a comment you need to Login or Register
1426 reads

Search

Events

S	M	T	W	T	F	S
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

« July 2008 »

Act Now!

Grab our new toolbar

Shameless Plugs

Quick Poll

How quickly do you buy new electronic gadgets?

I like to be the first one to have anything new.

I like to wait until they work out all the kinks.

I like to wait until the price comes down.

28%

I wait until I really need the new functionality.

46%

I wait till someone gives it to me as a gift.

12%

Total votes: 50

Welcome to Cool Solutions

pwdcheck

PROGRAM PURPOSE:

PROGRAM REQUIREMENTS:

EXAMPLE INPUT DATA (output data from diagpwd):

PROGRAM OUTPUT INCLUDES:

EXCLUSIONS FILE:

Search

Events

Act Now!

Who's online

Online users

Shameless Plugs

Recent comments

Quick Poll

User login