Solved

LDAP find expired users

Posted on 2016-09-21
8
185 Views
Last Modified: 2016-11-02
Hi all,
I'm working on a Captive Portal server and I should find via shell all expired users and delete them.
I try with ldapsearch -x shadowExpire=<DateConvertedInEpoch>
example expire date 20/09/2016:
ldapsearch -x shadowExpire=17064
it's fine working for that absolute date, but how can I do if I should search all users expired until 20/09/2016?
Thanks a lot
0
Comment
Question by:Claudio Pisciottano
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 20

Expert Comment

by:netcmh
ID: 41808942
ldapsearch -x shadowExpire<=17064
0
 
LVL 1

Author Comment

by:Claudio Pisciottano
ID: 41809038
Thank you for your reply, but

root@xxx /> ldapsearch -x shadowExpire<=17064
bash: =17064: No such file or directory
0
 
LVL 20

Expert Comment

by:netcmh
ID: 41810527
ldapsearch -x '((objectclass=shadowaccount)(shadowexpire<=17064))'
0
How To Install Bash on Windows 10

Windows’ budding partnership with Canonical has certainly led to some great improvements. One of them being the ability to use Bash on your Windows machine without third party applications! This might be one of the greatest things a cloud engineer in a Windows environment can do!

 
LVL 1

Author Comment

by:Claudio Pisciottano
ID: 41810584
Hi netcmh and thank you for your reply and interest, but I've another type of error

root@xxx /> ldapsearch -x '((objectclass=shadowaccount)(shadowexpire=17064))'
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: ((objectclass=shadowaccount)(shadowexpire=17064))
# requesting: ALL
#
ldapsearch: ldap_search_ext: Bad search filter (-7)
root@xxx />
0
 
LVL 20

Accepted Solution

by:
netcmh earned 500 total points
ID: 41810602
I don't have ldapsearch installed on this computer, and am doing this off the top of my head:

try

ldapsearch -v -x ‘(&(shadowexpire<=17064))’
0
 
LVL 1

Author Comment

by:Claudio Pisciottano
ID: 41810696
Ok, with this command I've not an error, so it's seems good, but I've not my goal.

root@xxx /> ldapsearch -v -x '(&(shadowExpire<=17094))'
ldap_initialize( <DEFAULT> )
filter: (&(shadowExpire<=17094))
requesting: ALL
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (&(shadowExpire<=17094))
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1
root@xxx />

But if I write:

root@xxx /> ldapsearch -v -x '(&(shadowExpire=17084))'
ldap_initialize( <DEFAULT> )
filter: (&(shadowExpire=17084))
requesting: ALL
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (&(shadowExpire=17084))
# requesting: ALL
#

# john, People, mycompany.local
dn: uid=john,ou=People,dc=mycompany,dc=local
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: organizationalPerson
cn: ?
description: ?
displayName: ?
o: ?
uidNumber: 2
gidNumber: 65534
homeDirectory: /home/john
loginShell: /bin/sh
ownerUser: admin
sessions: 0
loginRemote: ?
givenName: john
sn: doe
mail: john.doe@company.com
telephoneNumber:
gecos: ?
shadowExpire: 17084
hidden: no
roomName: ?
MCpInterfaces: ?
maxDays: ?
class: BUSINESS
uid: john
validity: yes

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
root@xxx />
0
 
LVL 20

Assisted Solution

by:netcmh
netcmh earned 500 total points
ID: 41810724
Can you try this, please?

ldapsearch -v -x '(&(shadowExpire=0)(shadowExpire=17084))'

ldapsearch -v -x '(&(shadowExpire>1)'
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this series, we will discuss common questions received as a database Solutions Engineer at Percona. In this role, we speak with a wide array of MySQL and MongoDB users responsible for both extremely large and complex environments to smaller singl…
This post looks at MongoDB and MySQL, and covers high-level MongoDB strengths, weaknesses, features, and uses from the perspective of an SQL user.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question