
Password Expiry Notification

June 19, 2006

Posted by Phillip in: sysadmin, work

Problem:

We need a method to notify users who are not logging into Active Directory (i.e., Mac and Linux users) that their password is going to expire.

Solution #1: Password Notification Identity Manager Driver
Description: This is an Identity Manager Loopback Driver that watches for password events in your directory and notifies users (via email) that their password is going to expire.
Issue: Does not work as designed, requires MAJOR FREAKIN’ REWRITES (XSLT, yuck)! The driver pseudo-works for detecting users who have limited Grace Login levels. It completely fails on trying to notify users that their password is going to expire.

Solution #2: Password Expiration Email Notification
Description: This is a console-based Java application that runs out of cron every night. It is supposed to scan the defined containers in your directory and notify users (via email) that their passwords are going to expire at defined intervals (30, 15, 5, 3, 1 day(s)) and send them a URL to the self-service portal. It also identifies users whose passwords have already expired and notifies them to contact the IT Help Desk.
Issue: Missing something. I have it working in a not-so-working state. For whatever reason, it detects all levels (set to expire and expired) as expired and notifies me as such. Time to hack away at the Java source.
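
The nightly classification that Solution #2 describes, sketched as an added example (it is not the Java application's source and not part of the original post). It assumes expiry timestamps arrive as UTC LDAP GeneralizedTime strings; the function names and sample users are constructed for illustration.

```python
from datetime import datetime, timezone

# Reminder intervals from the post: 30, 15, 5, 3 and 1 day(s) before expiry.
NOTIFY_DAYS = (30, 15, 5, 3, 1)


def parse_generalized_time(value):
    """Parse a UTC GeneralizedTime string such as '20060719020000Z' (assumed format)."""
    if not value.endswith("Z"):
        raise ValueError("expected a UTC GeneralizedTime value ending in 'Z'")
    parsed = datetime.strptime(value[:-1], "%Y%m%d%H%M%S")
    return parsed.replace(tzinfo=timezone.utc)


def classify(expiry, now):
    """Return ('expired', None), ('notify', days_left) or ('none', days_left)."""
    # Refuse naive datetimes so a local-vs-UTC mix-up cannot skew the comparison.
    if expiry.tzinfo is None or now.tzinfo is None:
        raise ValueError("both timestamps must be timezone-aware")
    remaining = expiry - now
    if remaining.total_seconds() <= 0:
        return ("expired", None)
    # Round partial days up: 2.5 days remaining counts as 3 days left.
    partial = 1 if (remaining.seconds or remaining.microseconds) else 0
    days_left = remaining.days + partial
    if days_left in NOTIFY_DAYS:
        return ("notify", days_left)
    return ("none", days_left)


def scan(users, now):
    """Classify every user; users maps uid -> GeneralizedTime expiry string."""
    return {uid: classify(parse_generalized_time(exp), now)
            for uid, exp in users.items()}


# Constructed sample data, not real directory entries.
SAMPLE_USERS = {
    "alice": "20060719020000Z",  # exactly 30 days out
    "bob": "20060622020000Z",    # exactly 3 days out
    "carol": "20060630020000Z",  # 11 days out, no mail tonight
    "dave": "20060618235959Z",   # already expired
}
NOW = datetime(2006, 6, 19, 2, 0, 0, tzinfo=timezone.utc)  # constructed run time

if __name__ == "__main__":
    for uid, result in scan(SAMPLE_USERS, NOW).items():
        print(uid, result)
```

Only the `expired` result should trigger the "contact the IT Help Desk" message; `notify` results carry the day count for the reminder mail.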
