Novell is now a part of Micro Focus

Expire Accounts Not Used in 30 Days

Novell Cool Solutions: Cool Tool

Digg This - Slashdot This

In Brief

Script expires accounts that haven't been used in the last 30 days.


Product Categories:
  • eDirectory
  • Posted:11 Oct 2007
    File Size:6KB
    Publisher:David Brightman


    Please read the note from our friends in legal before using this file.


    Re: lastlogin - Generate Report Based on Last Login Time

    This is a great script, many thanks to Don for his sterling efforts.

    I have a client whose requirement (set by the pesky auditors!) is to automatically expire any account that hasn't been used in the last 30 days, so I amended the script to allow this type of functionality:

    # Modified to take into account whether the account is enabled or disabled
    # This is specified by the attribute 'logindisabled' and is either TRUE or FALSE
    # The -e parameter has been defined so you can filter on only enabled accounts
    # The report has also been modified to detail the logindisabled state
    # The original 'delfile.ldif' has been modified to an 'expfile.ldif' - this
    # contains the ldap modify statements required to change the logindisabled state
    # N.B. To reset the TRUE/FALSE field via ldap you seem to need to 'delete' the
    # existing attribute and then add back the required state
    # Additionally, you need the "-" line between the delete and add....

    Example of the ice command required to import the generated file:

    ice   -l <icelog> -S LDIF -c -f expfile.ldif	\
                -D LDAP -s <server> -p<port> -d <admindn> -w <adminpw>

    Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.

    © Copyright Micro Focus or one of its affiliates