Hey folks,

We want to reset passwords to admin accounts periodically (on many computers with the same admin username), and for this purpose, thinking of something along the lines of:

1. Creating an extension attribute that pulls the creation or modification date of a log-file created at /var/log for users.
2. Creating a smartgroup that includes all users that have a date before today (for an example).
3. Use a policy that changes the password for these accounts and runs on all computers in the mentioned smartgroup.

Currently, the extension attribute "concept" is:

!/bin/sh

result=grep ("$(date)" /var/log/passwordresetdate.log)
[[OR stat -c stat -c '%w' MyFileName, but this is currently not working]]

echo "<result>$result</result>"

The end result should be a policy that does this once in X time, and afterwards all the admin users with this username on all designated computers will have a new password. This will keep running on computers until they all have the new password (and due to this I figured we need

Will appreciate any input on how to make this process better, and if it is possible to pull the creation date from a file created (I'll use touch to create the file after the policy runs the password reset using a trigger that will run on another policy) for this purpose!