-----Original Message----- From: Michael Ströder [mailto:michael@stroeder.com] Sent: Wednesday, September 09, 2015 11:14 AM To: Craig White; openldap-technical@openldap.org Subject: Re: ldapsearch getting attribute list in specific order
Craig White wrote:
I am surprised I haven't tripped over this before. ldapsearch -b ou=people, etc. uid pwdChangedTime mail Wanting to e-mail people with expiring passwords. I am counting on 4 lines for each person. Dn: UID: pwdChangedTime: mail: in this exact order but on the last one (which happens to be me, perhaps because I was the last one to change my password), my 'mail' attribute was returned before the pwdChangedTime attribute which would cause me to re-write the code to handle randomness of order of the output. Do I have to re-write my bash script?
Yes, you have to handle arbitrary order. => I'd recommend to use a better scripting language with a decent LDAP module for tasks like this.
If you insist on using a shell script look here: http://ltb-project.org/wiki/documentation/ldap-scripts/checkldappwdexpiratio...
I have no personal experience with it though. ---- Downloaded the LTB script somewhere but it's easy enough to write. I made a few changes and it's all good now, I was just hoping not to re-write code.
We're inflicting password policy on the few who are authorized in our production environment and seems reasonable to give them fair warning before their passwords expire.
Thanks.