Password Expiration notifications
Matthew J. Smith
matt.smith at uconn.edu
Thu Apr 6 10:08:16 EDT 2006
Based on some excellent suggestions, I have started pursuing parsing the
dump file (produced by "kdb5_util dump"). I think I have figured out
most of the columns. Could someone point me to a (preferably non source
code) reference describing the dump format? I now have a need to
retrieve the "Password Last Changed" value, and am having difficulty
determining which column this is.
Thank you,
-Matt
Matthew J. Smith wrote:
> Hello all,
>
> I am using MIT Krb5 1.4.3, and am looking to send an email
> notification to my users 14 days before their passwords expire. I have
> cobbled together a Proof-of-Concept using kadmin -q "getprinc -terse" to
> scrape the password expiration date from each principal. The PoC works,
> but seems "inefficient", requiring a getprinc to the KDC for each princ
> returned by listprincs. Is there a better way? Is there a way to query
> the KDC for a list of users whose password is about to expire? Or at
> least, is there a kadm5_get_principals call that will return an array of
> principal structures (instead of just a string[] of names), which I can
> just iterate over locally, looking at expiration timestamps?
>
> Thank you for any insight you can offer,
> -Matt
>
> ---
> matt.smith at uconn.edu
> University of Connecticut ITS
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list