Help

EA calculating time since last password change

MPL
Contributor II

Posted on ‎07-27-2023 07:18 AM

Can someone assist with making this EA display correctly?

 

I want an EA to basically display how many days it has been since the last password change

 

What I currently have is this:

 

#!/bin/bash

# Logged in user
LoggedInUser=`ls -l /dev/console | awk '{ print $3 }'`

# Current password change policy
PasswdPolicy=0

# Last password set date
LastPasswordSet=`dscl . read /Users/$LoggedInUser | grep --context=3 passwordLastSetTime`

# Calculations
LastPasswordCalc1=`expr $LastPasswordSet / 10000000 - 1644473600`
LastPasswordCalc2=`expr $LastPasswordCalc1 - 10000000000`
TimeStampToday=`date +%s`
TimeSinceChange=`expr $TimeStampToday - $LastPasswordCalc2`
DaysSinceChange=`expr $TimeSinceChange / 86400`
DaysRemaining=`expr $PasswdPolicy - $DaysSinceChange`

echo "<result>$DaysRemaining</result>"

 

Can't get this to work correctly.

0 Kudos
2 REPLIES 2

efil4xiN
Contributor II

Posted on ‎07-27-2023 10:26 AM

This is what we use. pulled from nomad ( soon to be JAMF Connect). maybe something in there could help

 

#based on https://stackoverflow.com/questions/55158819/convert-string-to-a-bash-date-on-osx-and-check-if-older-than-90-days
#based on https://www.modtitan.com/2016/11/getting-ad-user-details-with-nomad-and.html

loggedInUser=`ls -l /dev/console | awk '/ / { print $3 }'`
 
timestamp=`defaults read "/Users/$loggedInUser/Library/Preferences/com.trusourcelabs.nomad.plist" LastPasswordExpireDate | cut -c1-10`


epoch_timestamp=$(date -jf "%Y-%m-%d" "${timestamp%%.*}" "+%s")
epoch_now=$(date "+%s")

days_diff=$(( (epoch_timestamp - epoch_now) / (24*3600) ))

 

if [  "$timestamp " != ""  ]; then
      echo "<result>$days_diff</result>"
    
fi

 

 

 

0 Kudos

MPL
Contributor II
In response to efil4xiN

Posted on ‎07-27-2023 11:56 AM

Thanks for the reply.

 

Unfortunately we don't use nomad 😰 so this one won't work for our env.

We have static passwords currently and just need something to convert either the output of the code below to JAMF's date format (ex. YYYY-MM-DD hh:mm:ss) or to provide us with a integer/number of how long it has been since the password has been reset (ex 10).

 

#!/bin/bash
currUser=$(ls -l /dev/console | awk '{print $3}')
lastset=$(date -r $(sudo dscl . -read /Users/"$currUser" accountPolicyData |
  tail -n +2 |
  plutil -extract passwordLastSetTime xml1 -o - -- - |
  sed -n "s/<real>\([0-9]*\).*/\1/p"))
echo "<result>$lastset</result>"

 

0 Kudos