Hello, I am looking for a way to efficiently implement three queries regarding principals in our MIT KDC:
1) Give me a list of all expired users, 2) Give me a list of all users who will expire X days into the future, 3) Give me a list of all users whose password will expire X days into the future As a quick and dirty proof of concept for a larger project, I am shelling out a "get_principal" to kadmin for each principal, grep'ing the appropriate date line, and operating on it. Of course, eventually, this would not be done via shell to kadmin, but instead could be implemented in C or Perl's Authen:Krb5 (although I have not yet managed to compile this package for linux/s390x). But more importantly, looking algorithmically at this process of checking each principal, I am hoping something better exists, allowing me to issue a single dated query against the KDC, and it can return the list of matching users. Does such a mechanism exist? Thank you, -Matt ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
