tmp-admin-pwreset.pl

Project Lead: Henry Van Styn
Project Create Date: 2008-04-30
Page Last Modified: 2008-04-30
Version: 0.1
Release Date: 2008-04-30
Size: 16.8 KB
NAME
       tmp-admin-pwreset.pl - temporary administrative password reset tool

USAGE
       ./tmp-admin-pwreset.pl [USERNAME1,USERNAME2,@GROUP1... TEMP_PASSWORD|--restore|--help]

REQUIREMENTS
       * Samba3 with tdbsam backend
       * shadow passwords
       * perl
       Programs:
        tdbtool
        tdbdump
        chpasswd
        smbpasswd
        usermod
        date
        cat

DESCRIPTION
       Temporarily resets UNIX and Samba passwords for administrative purposes. The script
       saves the original password hashes in a file (specified by $current_pw_hashes_db) to
       allow them to be reset to their original values later. This is useful for adminis-
       trators who need to login as users, but do not have their passwords. The administra-
       tor can unobtrusively login and work on a user account without the user having to
       change their password back later, or even knowing anything happened.

       While passwords are in a temporarily reset state, the data is stored in the $cur-
       rent_pw_hashes_db file. Before modifying the user databases, the script backs up
       both user password database files (shadow file and passdb.tdb) to the directory
       specified by $pw_hashes_backup_dir with a timestamp in the filenames. All these
       files are protected by mode 0400, but its safe to go back and delete them later on
       (the backups are made just for safety reasons).

EXAMPLES
        ./tmp-admin-pwreset.pl jsmith pass
               temporarily resets the password of user jsmith to 'pass'

        ./tmp-admin-pwreset.pl jsmith,lwatkins,foo apple
               temporarily resets the password of users jsmith, lwatkins,
               and foo to 'apple'

	./tmp-admin-pwreset.pl jsmith,@domain-users apple
               temporarily resets the password of user jsmith, and all the
               users in the group 'domain-users' to 'apple'

        ./tmp-admin-pwreset.pl --restore
               restores the passwords for all users whose passwords have been
               temporarily reset.

        ./tmp-admin-pwreset.pl --help
               Displays this perldoc page

CHANGELOG
       2008-04-30 Version 0.1 Initial program development

COPYRIGHT
       Copyright (c) 2008 IntelliTree Solutions llc

       This program is free software: you can redistribute it and/or modify it under the
       terms of the GNU General Public License as published by the Free Software Founda-
       tion, either version 3 of the License, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WAR-
       RANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTIC-
       ULAR PURPOSE.  See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this
       program.  If not, see <http://www.gnu.org/licenses/>.

AUTHOR
        Henry Van Styn <vanstyn@intellitree.com>
        IntelliTree Solutions llc (http://www.intellitree.com)