ts01206
asked on
Using Perl and Expect For ID / Password Creation and Maintenance Via Cygwin
Background: Minimal experience with Perl and none with Expect. We have 1,000's of users. 150+ Unix servers (Primarily AIX, some Solaris, and a couple of HP-UX). NIS is not an option and neither is purchasing a commercial product. The team (40 staff) has to maintain our own ID's across all the servers, plus perform account creations and password maintenance for all internal clients across the same servers. It's a nightmare and time consuming to say the least. Trying to build a process that we can run from our desktops through Cygwin. We must use ssh to connect to each server. My thought is to use Perl and Expect to automate the process.
Looking For: Some guidance and code snippets or base script from which to build on.
Pseudo Code: (All of the below actions (successes, failures, etc.) need to written to a log for audit purposes. Would create a file containing server names, ID's, UID's for new account creations, unlock ID only flag, old password for existing and new password for new ID's or separate files for each)
Connect to server
Connection successful?
Yes, continue.
No, try next server.
Does ID already exist?
Yes, is account locked?
Yes, unlock account.
Does client want password reset?
Yes, reset password.
No, go to next server.
No, reset password.
No, create account and and set new temp password.
Go to next server and repeat process until all servers have been looped thru.
Thanks in advance!!
Looking For: Some guidance and code snippets or base script from which to build on.
Pseudo Code: (All of the below actions (successes, failures, etc.) need to written to a log for audit purposes. Would create a file containing server names, ID's, UID's for new account creations, unlock ID only flag, old password for existing and new password for new ID's or separate files for each)
Connect to server
Connection successful?
Yes, continue.
No, try next server.
Does ID already exist?
Yes, is account locked?
Yes, unlock account.
Does client want password reset?
Yes, reset password.
No, go to next server.
No, reset password.
No, create account and and set new temp password.
Go to next server and repeat process until all servers have been looped thru.
Thanks in advance!!
ASKER
Thanks Adam for the response. Unfortunately, I have to use ssh to connect with (that's probably not a bad thing).
Towards the bottom, there is an example that uses SSH, as well as one that changes a users password. (search for "ssh" in the page)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Adam for pointing me to those modules. Between the two of them, I think I have a good starting point. I'll likely have further questions, but again, it's a great starting point. Thanks!
I've used the Net::Telnet module to log into servers and do some stuff, and it hasn't been to difficult.
http://search.cpan.org/~jrogers/Net-Telnet-3.03/lib/Net/Telnet.pm
There are examples in the documentation.