-
标题
Is there an equivalent to the chage command to show password age and security policies? -
说明
Is there an equivalent to the chage command to show password age and security policies? The chage command provides the following:
# chage -l root
Last password change : Jan 01, 2015
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7 -
解决办法
There is no one command for getting that sort of information from QAS, however much of the information is available and can be displayed with some scripting.
For example, the password expiration date can be found in AD timestamp format in the account attributes:
# /opt/quest/bin/vastool -u host/ attrs <username> accountExpires|cut -d " " -f 2That AD timestamp can be converted to a Unix timestamp and displayed with the following code:
UTIME=`echo $ADTIME / 10000000 - 11644473600 | bc`date -d @$UTIMEOther information about the Windows password security policy can be found in the "vgptool listgpt" command:# vgptool listgpt -l | grep Pass| MinimumPasswordAge = 30| MaximumPasswordAge = 42| MinimumPasswordLength = 1| PasswordComplexity = 0| PasswordHistorySize = 0| RequireLogonToChangePassword = 0| ClearTextPassword = 0