Posted on 02-13-2017 09:29 PM
Greetings JAMF Nation!
I've been trying to find a way to check all of our local user accounts that not changed a password in say 90+ days.
I've found a few EA's on here but none that let me specify say greater than or less than in the search but instead just day count and that is it.
Basically trying to get an idea of just how many users we'll be seeing change his or her password come the day we push out our implementation of our local account policy for password changes on non-AD bound computers.
Posted on 02-15-2017 08:34 AM
We use this one https://github.com/jamfit/Current-User-Password-Age
Seems to work well.
Posted on 02-15-2017 09:37 AM
This will get you the epoch time of the password set date for an account. You can compare this to whatever epoch value you want. For example, 90 days.
timeStamp90dBack=$(date -v-90d -u +"%s")
pwLastChangeEpoch=$(dscl . read /Users/"$USERNAME" accountPolicyData | sed -n '/passwordLastSetTime/{n;s@.*<real>(.*)</real>@1@p;}' | sed s/.[0-9,]*$//g)
if [[ $pwLastChangeEpoch -lt $timeStamp90dBack; then
do something here
fi
Posted on 02-22-2017 03:27 PM
Sorry for not responding to everyone just got back from a large company event and will be trying some of these this evening and will let everyone know what worked!
Posted on 09-21-2018 06:11 AM
Hi, I;m looking for something similar but want it for all local accounts rather than the one that is logged in. anyone able to assist?
Posted on 04-22-2021 12:59 PM
Does anyone have the script for finding password age, the below link does not seem to work. I am looking for some way to view the password age of a local account on all the machines.
https://github.com/jamfit/Current-User-Password-Age
Posted on 04-25-2021 01:49 PM
I'm also looking for this, but the Github page is 404.
Posted on 07-20-2021 07:49 AM
@matthewanderson I'm looking for it too.