+ shadowLast = str(int(time.time()/24/60/60));
+ l.modify_s(UserDn,[(ldap.MOD_REPLACE,"userPassword",Pass),
+ (ldap.MOD_REPLACE,"shadowLastChange",shadowLast)]);
+ Attrs[0][1]["userPassword"] = [Pass];
+ Attrs[0][1]["shadowLastChange"] = [shadowLast];
+ continue;
+
+ # retire DD
+ if Response == 'r' and RootMode == 1:
+ if Attrs[0][1].has_key("accountStatus") == 0:
+ curStatus = "<not set>"
+ else:
+ curStatus = Attrs[0][1]["accountStatus"][0]
+ if Attrs[0][1].has_key("accountComment") == 0:
+ curComment = "<not set>"
+ else:
+ curComment = Attrs[0][1]["accountComment"][0]
+ print "\n\nCurrent status is %s"%curStatus
+ print "Current comment is %s\n"%curComment
+
+ print "Set account to:"
+ print " 1) retiring (lock account but do not disable mail):"
+ print " 2) inactive (removed/emeritus/... - lock account and disable mail):"
+ print " 3) memorial (lock account and disable mail):"
+ print " 4) active (do not change other settings, you will have to deal with them)"
+ print " q) return (no change)"
+ Resp = raw_input("Action? ")
+ if Resp == "1" or Resp == "2":
+ Lock(UserDn, Attrs, Resp == "2")
+ if Resp == "1":
+ newstatus = "retiring %s"%(time.strftime("%Y-%m-%d"))
+ else:
+ newstatus = "inactive %s"%(time.strftime("%Y-%m-%d"))
+ l.modify_s(UserDn,[(ldap.MOD_REPLACE,"accountStatus",newstatus)])
+ Attrs[0][1]["accountStatus"] = [newstatus]
+
+ Resp2 = raw_input("Optional RT ticket number? ")
+ if (Resp2 != ''):
+ comment = "RT#%s"%(Resp2)
+ l.modify_s(UserDn,[(ldap.MOD_REPLACE,"accountComment",comment)])
+ Attrs[0][1]["accountComment"] = [comment]
+ elif Resp == "3":
+ Lock(UserDn, Attrs)
+ newstatus = "memorial"
+ l.modify_s(UserDn,[(ldap.MOD_REPLACE,"accountStatus",newstatus)])
+ Attrs[0][1]["accountStatus"] = [newstatus]
+ elif Resp == "4":
+ newstatus = "active"
+ l.modify_s(UserDn,[(ldap.MOD_REPLACE,"accountStatus",newstatus)])
+ Attrs[0][1]["accountStatus"] = [newstatus]
+
+ continue;
+
+
+ # Randomize password
+ if Response == 'R' and RootMode == 1:
+ Resp = raw_input("Randomize Users Password? [no/yes]");
+ if Resp != "yes":
+ continue;
+
+ # Generate a random password
+ try:
+ Password = GenPass();
+ Pass = HashPass(Password);
+ except:
+ print "%s: %s\n" %(sys.exc_type,sys.exc_value);
+ raw_input("Press a key");
+ continue;
+
+ print "Setting password..";
+ Pass = "{crypt}" + Pass;
+ shadowLast = str(int(time.time()/24/60/60));
+ l.modify_s(UserDn,[(ldap.MOD_REPLACE,"userPassword",Pass),
+ (ldap.MOD_REPLACE,"shadowLastChange",shadowLast)]);
+ Attrs[0][1]["userPassword"] = [Pass];
+ Attrs[0][1]["shadowLastChange"] = [shadowLast];
+ continue;
+
+ # Lock account
+ if Response == 'L' and RootMode == 1:
+ Resp = raw_input("Really lock account? [no/yes]");
+ if Resp != "yes":
+ continue;
+
+ print "Setting password..";
+ Lock(UserDn, Attrs)