zimbra notify password expired by bash script
In this tutorial, How to remind USER notify passowrd expired on zimbra. Bash script have policy 120 days password expired.
The content zimbra notify password expired as below
The display picture as below
zimbra notify password expired by bash script
To create zimbra_notify_change _pass.sh file to notify password expired for all zimbra accounts.[root@mail ~]# cat zimbra_notify_change_pass.sh
The content zimbra notify password expired as below
#!/bin/bashRunning zimbra notify password expired by bash script
# Bash scriptzimbra password expiry email notification.
# To be performed as daily cronjob run as zimbra USER.
######################### Set environment #########################
#Todays date, in seconds:
DATE=$(date +%s)
# Set some vars:
# First notification in days, then last warning:
FIRST="7"
LAST="3"
# pass expiry in days
POLICY="120"
# Sent from:
FROM="admin@mail.huuphan.com"
# Get all _USERs - it should run once only.
_USERS=$(/opt/zimbra/bin/zmprov -l gaa | egrep -v "spam|ham|virus-quarantine|galsync");
# zimbra password variable
ZIMBRA_LDAP_PASSWORD=$(su - zimbra -c "zmlocalconfig -s zimbra_ldap_password | cut -d ' ' -f3")
# zimbra LDAP Master URL variable
LDAP_MASTER_URL=$(su - zimbra -c "zmlocalconfig -s ldap_master_url | cut -d ' ' -f3")
# zimbra command search
LDAPSEARCH=$(ionice -c3 find /opt/zimbra/ -type f -iname ldapsearch)
# Sendmail executable
SENDMAIL=$(ionice -c3 find /opt/zimbra/ -type f -iname sendmail)
# Time taken of script;
echo "$SECONDS Started on: $(date)"
######################### End Set environment #########################
# For loop:
for _USER in $_USERS
do
# When was the password set?
OBJECT="(&(objectClass=zimbraAccount)(mail=$_USER))"
# Domain to check, e.g. 'example.com'; huupv@mail.huuphan.com then domain mail.huuphan.com
DOMAIN=$(echo $_USER | cut -d "@" -f 2)
# zimbra password set date variable
PASS_SET_DATE=`$LDAPSEARCH -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep zimbraPasswordModifiedTime: | cut -d " " -f 2 | cut -c 1-8`
# Date for expiry from now.
EXPIRES=$(date -d "$PASS_SET_DATE $POLICY days" +%s)
# Now, how many days until that?
DEADLINE=$(( ($DATE - $EXPIRES) / -86400 ))
# Email to send to victims - USERs...
SUBJECT="$_USER - Password email expired $DEADLINE more days"
BODY="
Dear $_USER,
Notified that your Email password will expire in $DEADLINE days. Please change your Email password immediately via Web Mail:
- Access: https://$DOMAIN
How to change your Email password:
1. Login to Web Mail according to the address above
2. Select the Preferences tab
3. On the General | menu Sign in. click the Change Password button
4. Enter your old password, new password & confirm your new password
5. Click the Change password button to replace it
Email account password consists of at least 8 characters, with a combination of alphanumeric (uppercase, lowercase letters, numbers) and symbols (! @ # $, Etc.).
If you have questions about how to change your Email password, please contact the Team support
Thank you,
Admin
"
# Send it off depending on days, adding verbose statements for the 'log'
# First warning
if [[ "$DEADLINE" -eq "$FIRST" ]]
then
echo "Subject: $SUBJECT" "$BODY" | $SENDMAIL -f "$FROM" "$_USER"
echo "Reminder email sent to: $_USER - $DEADLINE days left"
# Second
elif [[ "$DEADLINE" -eq "$LAST" ]]
then
echo "Subject: $SUBJECT" "$BODY" | $SENDMAIL -f "$FROM" "$_USER"
echo "Reminder email sent to: $_USER - $DEADLINE days left"
# Final
elif [[ "$DEADLINE" -eq "1" ]]
then
echo "Subject: $SUBJECT" "$BODY" | $SENDMAIL -f "$FROM" "$_USER"
echo "Last chance for: $_USER - $DEADLINE days left"
else
echo "Account: $_USER reports; $DEADLINE days on Password policy"
fi
# Finish for loop
done
[root@mail ~]# chmod +x zimbra_notify_change_pass.sh
[root@mail ~]# bash zimbra_notify_change_pass.sh
The display picture as below
Hi,
ReplyDeleteeverything works well except the admin account doesn’t receive expired account information. any suggestion?
Thanks,
Ritz
Hi Team,
ReplyDeleteI got this below error while running the above script,
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Account: myuser@mpradeep.cf reports; 120 days on Password policy