Novell Home

Listing Users with Universal Passwords

Novell Cool Solutions: Tip

Digg This - Slashdot This

Posted: 14 Mar 2007
 

Problem

A Forum reader recently asked:

"I need to get a list of all users in a tree that already use universal passwords. We're running eDirectory 8.8 SP1, and I tried to use diagpwd.exe to get the information I need. But diagpwd.exe only gets some of the users; others return an error -1631, though they definitely have a Universal Password set."

And here's the response from Chuck Perilli ...

Solution

We use JRB's GETNAME utility (part of the JRB Utilities package). I wrote a batch file that uses GETNAME to list Universal Password Policies for users, OU's, and O's:

**************************************************************
@echo off
if "%1" == "" goto syntax
if "%1" == "all" goto getall
if "%1" == "ALL" goto getall
getname %
1 /a=nspmPasswordPolicy /n /z /yc /s /l=upwdlist.txt /e=upwdlist.err
goto exit

:getall
getname 
* /a=nspmPasswordPolicy /n  /yc /s /r /u /x /l=upwdall.txt /e=upwdall.err %
2 %3
getname 
* /a=nspmPasswordPolicy /n  /yc /s /o="Organization" /r /x /l=upwdall.txt,a
 /e=upwdall.err,a %2 %3
getname 
* /a=nspmPasswordPolicy /n  /yc /s /o="OU" /r /x /l=upwdall.txt,a /e=upwdal
l.err,a %2 %3
if "%2" == "/j" goto copyfile
if "%2" == "/J" goto copyfile
goto exit

:syntax
echo.
echo Syntax is:
echo GETUPWD .empnum.full.context
echo ex: GETUPWD .34567.20000.hq.nfcu
echo ex: GETUPWD .*.30000.hq.nfcu   (will list all in 30000 container)
echo (list will be saved to UPWDLIST.TXT)
echo.
echo -or-
echo.
echo To list ALL users with Universal Password to UPWDALL.TXT...
echo GETUPWD all
echo.
goto exit

:copyfile
copy upwdall.txt fromjrb.txt

:exit
**************************************************************

The output looks like this:

.west9.30000.HQ.NFCU     .Prod Universal Password Exceptions.Password
 Policies.Security
.00000.HQ.NFCU           .Prod Universal Password Policy.Password
 Policies.Security
.30000.HQ.NFCU           .Prod Universal Password Policy.Password
 Policies.Security

This shows U.P. policy applied to OUs 00000 and 30000 with the overiding exception policy applied to user west9.30000. I actually have this job scripted to produce a list of all policy assignments every night. We keep this history for a week.

JRB has some very nice tools we use on a daily basis.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell