AIX: Script to check the password expiry of a entire account

Single Server

#!/usr/bin/perl
use strict;
use POSIX qw(ceil);
use User::pwent;
use Term::ANSIColor;

my ($user,%userids);

while ($user = getpwent()){
        my $u = $user-&gt;name;
        if ( `lsuser -a account_locked $u` =~ /.*account_locked=true.*/) {next;}

        chomp(my $lastupdate = `lssec -f /etc/security/passwd -a lastupdate -s $u | awk -F= '{print \$2}'`);
        if (! $lastupdate) { next; }

        chomp(my $maxage = `lsuser -a maxage $u | awk -F= '{print \$2}'` * 7);

        my $expires = $lastupdate + (60 * 60 * 24 * $maxage);
        my $expire_date = scalar(localtime($expires));
        my $change_date = scalar(localtime($lastupdate));
        my $now = time();
        my $daysremaining = ceil((($expires - $now) / (60*60*24)) - 1);

        push(@{$userids{$u}}, $daysremaining,$maxage,$change_date,$expire_date);
}

print "User         DaysLeft  Expires                   LastChanged               DaysValid\n";

foreach $user (sort {$userids{$a}[0] &lt;=&gt; $userids{$b}[0] } keys %userids){
        if (@{$userids{$user}}[0] &lt;= 0) {
                print color("red");
        }elsif(@{$userids{$user}}[0] &lt;= 14){
                print color("yellow");
        }else{
                print color ("green");
        }

        if (@{$userids{$user}}[1] eq 0) {
                print color ("green");
                printf "%-12s N/A       %-25s %-25s %-9s\n", $user, "Never Expires",@{$userids{$user}}[2],"N/A";
        }else {
                printf "%-12s %-9d %-26s", $user, @{$userids{$user}}[0], @{$userids{$user}}[3];
                printf "%-25s %-9d\n", @{$userids{$user}}[2], @{$userids{$user}}[1];

        }
        print color ("reset");
}

Technical Blog for System Administrator

You can see a real scenario of work experience

AIX: Script to check the password expiry of a entire account

Share this:

Related