Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- use Net::LDAP;
- use Data::Dumper;
- my $LDAPSERVER = '192.168.1.2';
- my $ADUSERNAME = 'username@domain.local';
- my $ADPASSWORD = '********';
- my $LDAPBASE = 'CN=Users,DC=domain,DC=local';
- $ad = Net::LDAP->new($LDAPSERVER) or die "$@";
- $ad->bind($ADUSERNAME, password=>$ADPASSWORD) or die "$@";
- # $schema = $ad->schema();
- # die Dumper($schema);
- my $base = $LDAPBASE;
- my $attrs = ['sn', 'givenName', 'pwdLastSet', 'userAccountControl', 'accountExpires'];
- my $filter = 'sn=*';
- my @results = ($ad->search(base=>$base, filter=>$filter, attrs=>$attrs))->sorted('sn','givenName');
- my $count = @results;
- my $entry;
- my $nttime;
- my $userName;
- my $pwdLastSet;
- my $uac;
- my $expires;
- format STDOUT =
- @<<<<<<<<<<<<<<<<<<<<<<<< @<<<<<<<<<< @>>>>> @>>>>>>>>>>>>>>>>>>>>
- $userName, $pwdLastSet,$uac, $expires
- .
- for (my $i=0; $i<$count; $i++) {
- $entry = $results[$i];
- $nttime = $entry->get_value('pwdLastSet');
- $nttime =~ s/[0-9]{7}$//;
- # See Time::NT module as reference for the NT->unix time conversion
- my ($sec, $min, $hour, $mday, $mon, $year) = localtime(int($nttime)-11644473600);
- $pwdLastSet = sprintf('%04d-%02d-%02d', $year+1900, $mon+1, $mday);
- # Only print accounts that are not disabled and with passwords that expire
- $userName = $entry->get_value('sn') . ", " . $entry->get_value('givenName');
- $uac = $entry->get_value('userAccountControl');
- $expires = $entry->get_value('accountExpires');
- write unless (
- ($entry->get_value('userAccountControl') & 2) || # disabled users
- ($entry->get_value('userAccountControl') & 65536) # nonexpiring passwords
- );
- }
- $ad->unbind;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement