import ldap
import time
+import email
+import smtplib
LDAP_URI='ldaps://fds.useribm.hu'
USERS_BASE='ou=people,dc=user,dc=hu'
+PWD_MAX_AGE = 8640000
+PWD_EXP_WARN_DAYS_1 = 7
+PWD_EXP_WARN_DAYS_2 = 3
+PWD_EXP_WARN_DAYS_3 = 1
+
+PWD_WARNING_SUBJECT = 'Your password expires in {} days'
+PWD_WARNING_MESSAGE = '''Dear {},
+
+Your password will expire in {} days.
+Please visit https://fdc.useribm.hu and change it.
+
+Respectfully yours,
+Directory Server'''
+
+PWD_ERROR_SUBJECT = 'Your password has expired'
+PWD_ERROR_MESSAGE = '''Dear {},
+
+Your password has expired.
+Please visit https://fdc.useribm.hu and change it.
+
+Respectfully yours,
+Directory Server'''
+
+
+def send_mail(mail_type, expiration_days, uid, email_address):
+ msg = email.message.EmailMessage()
+ if mail_type == 'WARNING':
+ msg.set_content(PWD_WARNING_MESSAGE.format(uid, expiration_days))
+ msg['Subject'] = PWD_WARNING_SUBJECT.format(expiration_days)
+ elif mail_type == 'ERROR':
+ msg.set_content(PWD_ERROR_MESSAGE.format(uid))
+ msg['Subject'] = PWD_ERROR_SUBJECT
+ elif mail_type == 'CRITICAL':
+ msg.set_content(PWD_ERROR_MESSAGE.format(uid))
+ msg['Subject'] = PWD_ERROR_SUBJECT
+ else:
+ msg.set_content('Invalid mail_type value: {}'.format(mail_type))
+ msg['Subject'] = 'Invalid mail_type value: {}'.format(mail_type)
+ email_address = 'zoltan.felleg@userrendszerhaz.hu'
+ msg['From'] = 'dirsrv@useribm.hu'
+ msg['To'] = email_address
+ srv = smtplib.SMTP()
+ srv.connect()
+ srv.send_message(msg)
+ srv.quit()
+
+
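Review bot: In `send_mail` the SMTP session is never closed when `send_message` raises, and since the caller does not catch the exception, one rejected recipient ends the run before later users are notified. Using `with smtplib.SMTP('localhost') as srv:` around `srv.send_message(msg)` closes the session on every path; the caller can then catch `smtplib.SMTPException` per user and log the `uid`. The `uid` and `mail` values come straight from the directory, so a malformed `mail` attribute can also raise while the `To` header is being set; check it before building the message. The fallback branch overwrites `email_address` with a hard-coded personal mailbox, which would be better as a named constant such as `ADMIN_ADDRESS` next to the other settings.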
if __name__ == '__main__':
ldap_object = ldap.initialize(LDAP_URI)
- #ldap_object.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
- #ldap_object.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
- search_id = ldap_object.search(USERS_BASE, ldap.SCOPE_SUBTREE, attrlist=['uid', 'pwdUpdateTime'])
+ search_id = ldap_object.search(USERS_BASE,
+ ldap.SCOPE_SUBTREE,
+ attrlist=['uid',
+ 'mail',
+ 'pwdUpdateTime'])
(search_result_type, search_result_data) = ldap_object.result()
current_timestamp = time.mktime(time.gmtime())
for item in search_result_data:
(dn, values) = item
- if 'pwdUpdateTime' in values:
+ if ('mail' in values) and ('pwdUpdateTime' in values):
uid = values['uid'][0].decode('utf-8')
- pwdupdatetime = values['pwdUpdateTime'][0].decode('utf-8')
- pwdupdatetimestamp = time.mktime(time.strptime(pwdupdatetime, '%Y%m%d%H%M%S%z'))
- days_since_password_update = (current_timestamp - pwdupdatetimestamp) / (24 * 60 * 60)
- print(uid, pwdupdatetime, days_since_password_update)
- #print(dn, values)
+ email_address = values['mail'][0].decode('utf-8')
+ pwd_update_time = values['pwdUpdateTime'][0].decode('utf-8')
+ pwd_update_timestamp = time.mktime(time.strptime(pwd_update_time, '%Y%m%d%H%M%S%z'))
+ expiration_seconds = PWD_MAX_AGE - (current_timestamp - pwd_update_timestamp)
+ expiration_days = expiration_seconds / (24 * 60 * 60)
+ rounded_expiration_days = int(expiration_days + 0.5)
+ if expiration_days > PWD_EXP_WARN_DAYS_1:
+ #send_mail('OK', rounded_expiration_days, uid, email_address)
+ continue
+ if (expiration_days + PWD_EXP_WARN_DAYS_2) < 0:
+ #send_mail('CRITICAL', rounded_expiration_days, uid, email_address)
+ continue
+ if expiration_days < 0:
+ send_mail('ERROR', rounded_expiration_days, uid, email_address)
+ continue
+ if expiration_days == PWD_EXP_WARN_DAYS_3:
+ send_mail('WARNING', rounded_expiration_days, uid, email_address)
+ continue
+ if expiration_days == PWD_EXP_WARN_DAYS_2:
+ send_mail('WARNING', rounded_expiration_days, uid, email_address)
+ continue
+ if expiration_days == PWD_EXP_WARN_DAYS_1:
+ send_mail('WARNING', rounded_expiration_days, uid, email_address)
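Review bot: The three WARNING checks compare the float `expiration_days` with the integer thresholds using `==`, so they match only when the remaining time is a whole number of days to the second, and in practice no warning mail goes out. `rounded_expiration_days` is computed just above and looks like the intended operand: `if rounded_expiration_days in (PWD_EXP_WARN_DAYS_1, PWD_EXP_WARN_DAYS_2, PWD_EXP_WARN_DAYS_3):` would replace all three branches. The ERROR branch has the opposite problem: it fires on every run while the password is between 0 and 3 days past expiry, so the number of mails depends on how often the job is scheduled. No bind call is visible before `ldap_object.search`, so the script appears to rely on anonymous read access to `mail` and `pwdUpdateTime`; confirm that is intended, or bind with a dedicated read-only account.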