I want to search Active Directory for inactive users that have no login for x days/months. I've got such a ldapsearch query:
ldapsearch -h domain.test -p 389 -D "cn=login,ou=test,dc=domain,dc=test" -w "passwd" -s sub -b "ou=Test,dc=domain,dc=test" "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))"
It gives me the list of all inactive users in domain.test with all attributes.
I would like to add a filter for searching users that have no login for x days/months, and it would be great if the result was the list of sAMAccountNames (inactive user and lastLogonTimestamp >e.g. 3months).
I'm aware that LastLogonTimestamp is not the real time of last user logon, but in this case it's not so important.
EDIT: now I only need to know if there is a way to show attribute like "lastLogonTimestamp" in the output of above ldapsearch query?
ANSWER: Attribute lastLogonTimestamp was not set for each object in the output of above ldapsearch query. I haven't noticed that. So grep displayed it:
ldapsearch -h domain.test -p 389 -D "cn=login,ou=test,dc=domain,dc=test" -w "passwd" -s sub -b "ou=Test,dc=domain,dc=test" "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))" | grep -i lastlogontimestamp
EDIT:
I though that it will be ok to compare lastlogontimestamps - it isn't because lastlogontimestamp values are not comparable. The only way is to convert to date format first, and then compare to get users that lastlogon was eg. before 01/06/2017. And here's the question: how to convert windows lastlogontimestamp to date in bash?
Please let me know if it's the correct way to do it.
Any advice very appreciated.
Related
this is what i have:
ldapsearch -x -LLL "(uid=z*)" cn | grep "^cn:" | sort -r --ignore-case | cut -c5-999
How do i get this result in Alphabetical order?
Depending on the LDAP server and its configuration you can try to use the so-called server-side sorting control as defined in RFC 2891.
Note that not all LDAP servers support this or have activated it.
E.g. OpenLDAP server has to be configured with overlay slapo-sssvlv.
Furthermore an ORDERING matching rule has to be specified suitable for attribute type used for sorting. Either it's specified by default in the subschema or has to be specified in the search request.
This example without ordering matching rule results in error:
$ ldapsearch -LLL -E sss=-uid
Inappropriate matching (18)
Additional information: serverSort control: No ordering rule
This works:
$ ldapsearch -LLL -E sss=-uid:caseIgnoreOrderingMatch
I made a script that downloads several files located in my professional OneDrive. This script works perfectly from a French computer, a US computer but it can't work from a Japanese computer.
To permit you understand the problem, I will detail the program:
1- I establish the token system (I got inspired by Jay Lee detailed answer) and retrieve the token in the access_token variable.
2- To download the file, in my case I cannot use
curl -w %{time_total} https://graph.microsoft.com/v1.0/me/drive/items/01M...WU/content -H "Authorization: Bearer $access_token"
Thus, this how I proceed:
#I get the item properties
itemProperties=$(curl ${ODf1Mb} -H "Authorization: Bearer $access_token")
#In these properties I select the downloadUrl that will permit me to download the file
downloadUrl=$(echo -e "$itemProperties" | grep "#microsoft.graph.downloadUrl" | awk -F'[",]' '{ print $9 }')
#Finally I execute this URL storing the download time in a variable (I do all this stuff for this)
dload=$(curl -w %{time_total} ${downloadUrl} -H "Authorization: Bearer $access_token")
As I said at the begin, for French and US computers it will work but on the Japanese machine it doesn't. I do get the itemProperties and the downloadUrl but when I call the downloadUrl with CURL it seems that it cannot reach the server because I have this:
As we can see we do not even have the Total weight to be downloaded. As an element of comparison, this is the result in a French machine:
I know, there is a warning relating to command substitution but I haven't tried to fix it yet because it makes its job.
Note -> the downloadUrl has this format:
https://lpl-my.sharepoint.com/personal/{user}_{company infra domain}_com/_layouts/15/download.aspx?
I just cannot figure out what is the problem. I can access to the https://lpl-my.sharepoint.com through the browser so I don't think the server IP is banned.
Check your ping / traceroute to see if lpl-my.sharepoint.com resolves to the same network location.
Also, I have seen other folks run curl with -v to see verbose traces and see if what the difference is.
I've ran into a strange issue. I'm trying to script my router to collect usage stats and other stuff. I'm making one cURL to the auth URL to get a valid session id, then another using that session id to the page I need.
Here is my script:
SESSION_ID=$(curl --silent -D - -X POST http://10.0.0.1/login.cgi -d'admin_username=admin&admin_password=admin' | grep 'SESSION' | sed 's/Set-Cookie: SESSION=//' | sed 's/; path=\///')
echo $SESSION_ID # 1234567890
curl -v -H "Cookie: SESSION=$SESSION_ID" http://10.0.0.1/modemstatus_dslstatus.html
If I manually take SESSION_ID and insert it in place of '"$SESSION_ID"' everything is dandy. cURL shows the headers (via -v) and they are correct. Running the command while manually inserting the session id produces identical headers.
I'm sure it's something small. Please teach me something :)
Check for carriage returns \r in your variables which wouldn't appear with a simple echo in some cases.
I am working on a test in which I must find out the number of partitions of a table and check if it is right. If I use show partitions TableName I get all the partitions by name, but I wish to get the number of partitions, like something along the lines show count(partitions) TableName (which retuns OK btw.. so it's not good) and get 12 (for ex.).
Is there any way to achieve this??
Using Hive CLI
$ hive --silent -e "show partitions <dbName>.<tableName>;" | wc -l
--silent is to enable silent mode
-e tells hive to execute quoted query string
You could use:
select count(distinct <partition key>) from <TableName>;
By using the below command, you will get the all partitions and also at the end it shows the number of fetched rows. That number of rows means number of partitions
SHOW PARTITIONS [db_name.]table_name [PARTITION(partition_spec)];
< failed pictoral example >
You can use the WebHCat interface to get information like this. This has the benefit that you can run the command from anywhere that the server is accessible. The result is JSON - use a JSON parser of your choice to process the results.
In this example of piping the WebHCat results to Python, only the number 24 is returned representing the number of partitions for this table. (Server name is the name node).
curl -s 'http://*myservername*:50111/templeton/v1/ddl/database/*mydatabasename*/table/*mytablename*/partition?user.name=*myusername*' | python -c 'import sys, json; print len(json.load(sys.stdin)["partitions"])'
24
In scala you can do following:
sql("show partitions <table_name>").count()
I used following.
beeline -silent --showHeader=false --outputformat=csv2 -e 'show partitions <dbname>.<tablename>' | wc -l
Use the following syntax:
show create table <table name>;
I would like to write a shell script to do the following , would advise how to make it ? very thanks
Connect LDAP server ( Id : user , password : pass )
check the field user_account_create_date in the LDAP server, the format of data in this field is ABC20130922 (September 22, 2013)
find the record in this field to check last 8 digits ,
Pseudocode:
if the date is within 7 days: # account is created within 7 days
then do
...
else do
...
I have a script as below which connect ldap, and check if the user account is created within 7 days ( the script is not complete yet)
timestamp = date --date="-7 days" +%Y%m%d%k%m%SZ
ldapsearch -h 192.168.1.100 -p 389 -D cn=admin,o=services -w pass -x "(&(objectclass=*)(createTimestamp>=$timestamp))"
then
What I hope to do now is to modify the above script so that createTimestamp get the creation date string which can be used to compare with timestamp.
Something close to this should work:
ndays=7
timestamp=`date --date="-$ndays days" +'%Y%m%d'"100000Z"`
ldapsearch -x -LLL -h yourhost.yourdoamin.com -p 389 -b "ou=people,dc=yourdomain,dc=com" -D cn=admin,....,dc=yourdomain,dc=com -w yourpassword "(&(objectclass=inetorgperson)(modifytimestamp>=$timestamp))" modifytimestamp
I used modifyTimeStamp for testing as no one had been created lately on my home system.
-jim
Ensure that the timestamp has the correct syntax (generalized time). When using a value in an assertion (filter), the value must be the syntax of the attribute. Also, the objectClass=* component of the filter is not needed: all entries have at least one objectClass.