bash LDAP 中的用户帐户创建日期
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19021421/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
user account creation date in LDAP
提问by user2805388
I would like to write a shell script to do the following , would advise how to make it ? very thanks
我想写一个shell脚本来做下面的事情,请教如何制作?很感谢
- Connect LDAP server ( Id : user , password : pass )
- check the field
user_account_create_datein the LDAP server, the format of data in this field isABC20130922(September 22, 2013) - find the record in this field to check last 8 digits ,
- 连接 LDAP 服务器(Id:用户,密码:pass)
- 查看
user_account_create_dateLDAP服务器中的字段,该字段的数据格式为ABC20130922(2013年9月22日) - 在此字段中找到记录以检查最后 8 位数字,
Pseudocode:
伪代码:
if the date is within 7 days: # account is created within 7 days
then do
...
else do
...
I have a script as below which connect ldap, and check if the user account is created within 7 days ( the script is not complete yet)
我有一个脚本如下连接ldap,并检查用户帐户是否在7天内创建(脚本尚未完成)
timestamp = date --date="-7 days" +%Y%m%d%k%m%SZ
ldapsearch -h 192.168.1.100 -p 389 -D cn=admin,o=services -w pass -x "(&(objectclass=*)(createTimestamp>=$timestamp))"
then
What I hope to do now is to modify the above script so that createTimestampget the creation date string which can be used to compare with timestamp.
我现在希望做的是修改上面的脚本,以便createTimestamp获取可用于与时间戳进行比较的创建日期字符串。
回答by jwilleke
Something close to this should work:
接近此的东西应该可以工作:
ndays=7
timestamp=`date --date="-$ndays days" +'%Y%m%d'"100000Z"`
ldapsearch -x -LLL -h yourhost.yourdoamin.com -p 389 -b "ou=people,dc=yourdomain,dc=com" -D cn=admin,....,dc=yourdomain,dc=com -w yourpassword "(&(objectclass=inetorgperson)(modifytimestamp>=$timestamp))" modifytimestamp
I used modifyTimeStamp for testing as no one had been created lately on my home system.
我使用 modifyTimeStamp 进行测试,因为最近在我的家庭系统上没有创建任何人。
-jim
-吉姆
回答by Terry Gardner
Ensure that the timestamp has the correct syntax (generalized time). When using a value in an assertion (filter), the value must be the syntax of the attribute. Also, the objectClass=*component of the filter is not needed: all entries have at least one objectClass.
确保时间戳具有正确的语法(广义时间)。在断言(过滤器)中使用值时,该值必须是属性的语法。此外,objectClass=*不需要过滤器的组件:所有条目至少有一个objectClass.
