Hey folks,
We want to reset passwords to admin accounts periodically (on many computers with the same admin username), and for this purpose, thinking of something along the lines of:
- Creating an extension attribute that pulls the creation or modification date of a log-file created at /var/log for users.
- Creating a smartgroup that includes all users that have a date before today (for an example).
- Use a policy that changes the password for these accounts and runs on all computers in the mentioned smartgroup.
Currently, the extension attribute "concept" is:
!/bin/sh
result=grep ("$(date)" /var/log/passwordresetdate.log)
[[OR stat -c stat -c '%w' MyFileName, but this is currently not working]]
echo "<result>$result</result>"
The end result should be a policy that does this once in X time, and afterwards all the admin users with this username on all designated computers will have a new password. This will keep running on computers until they all have the new password (and due to this I figured we need
Will appreciate any input on how to make this process better, and if it is possible to pull the creation date from a file created (I'll use touch to create the file after the policy runs the password reset using a trigger that will run on another policy) for this purpose!
