Noah Bliss via FreeIPA-users wrote: > Rob, > > Thanks for the info! Is there any documentation on how to implement a > generic use-case for this tool? The readthedocs page seems to imply it is > still in the planning stages and (from my perspective) seems a bit lean on > details.
I'm not sure what you mean by generic use-case. It is pretty specific to finding and notifying expiring users. For the design we went with approach #1: a standalone tool. We have tended not to keep design pages up-to-date with implementation, sorry about that. Some additional usage docs are in the man page https://github.com/freeipa/freeipa/blob/master/client/man/ipa-epn.1 and the config man page https://github.com/freeipa/freeipa/blob/master/client/man/epn.conf.5 rob > > Regards, > Noah > > Jan 18, 2021 13:21:00 Rob Crittenden via FreeIPA-users > <[email protected]>: > >> Noah Bliss via FreeIPA-users wrote: >>> Hey all, >>> >>> Just wanted to share a couple of tools I whipped up to flesh out some of >>> the more time consuming or lean feature areas of FreeIPA. Hopefully they >>> help you! Pull Reuquests and Issues are welcome. >>> >>> https://github.com/noahbliss/freeipa-sam >>> FreeIPA-SAM is a simple menu-driven bash script for lifecycle management >>> of system (service) accounts in LDAP. As a refresher, these seem to be >>> the accounts you use as connectors to various services, but not for >>> typical human user login. As there doesn't seem to be a convenient way >>> to manage these in the WebUI and consistency is key when doing manual >>> account management, I've found this to be a huge time-saver. >>> >>> https://github.com/noahbliss/freeipa-pen >>> FreeIPA-PEN is a bash script designed to be installed on an IPA server >>> and invoked by cron. It uses a system account to check LDAP and notify >>> users via email if their password is going to expire soon. For accounts >>> that do not have an email address or have already expired, it can >>> generate a weekly/monthly report for you as an admin. >> >> Looks cool, thanks for sharing. >> >> Note that the IPA in 4.9.0+ provides a similar service for your expiring >> account notification project, similarly named EPN (Expired Password >> Notification). >> >> rob >> _______________________________________________ >> FreeIPA-users mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedorahosted.org/archives/list/[email protected] >> >> _______________________________________________ >> FreeIPA-users mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedorahosted.org/archives/list/[email protected] _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
