If you are a linux guy trapped in a corporate windows environment with an active directory domain controller and annoying password policies, this tool is for you. It checks the expiration of your active directory password on your linux machine. If the password will expire in a given time, a popup is shown where you can directly change it:
- smbpasswd must be installed
- Java 6 must be installed
- JAVA_HOME environment variable has to be set
- SMB share must be mounted with fstab and a credentials file
- Create install directory:
sudo mkdir /opt/ad-password-handler
- Download necessary files:
sudo wget https://raw.githubusercontent.com/chrisipa/ad-password-handler/master/bin/ad-password-handler -O /opt/ad-password-handler/ad-password-handler
sudo wget https://papke.it/jenkins/job/ad-password-handler/lastStableBuild/de.papke%24ad-password-handler/artifact/de.papke/ad-password-handler/1.0.3/ad-password-handler-1.0.3.jar -O /opt/ad-password-handler/ad-password-handler.jar
- Make starter script executable:
sudo chmod +x /opt/ad-password-handler/ad-password-handler
- Create the config directory:
mkdir ~/.ad-password-handler
- Create the SMB credentials file with your user account data:
vi ~/.ad-password-handler/smb.properties
...
username=my-username
password=my-password
domain=my-domain
- Create the AD configuration file with system user account data:
vi ~/.ad-password-handler/ad.properties
...
host=my-ad-controller-hostname-or-ip
port=389
baseDn=DC=my,DC=domain,DC=grp
userDn=CN=Name,OU=Group,OU=Users,OU=Organisation,DC=my,DC=domain,DC=grp
userSecret=Password
- You can get your AD configuration with a tool called AD-Explorer
- For security reasons you should be the only one who can read the config directory:
chown -R myuser.mygroup ~/.ad-password-handler
chmod -R 700 ~/.ad-password-handler
- Show help text:
/opt/ad-password-handler/ad-password-handler --help
usage: ad-password-handler
-c,--config-dir <arg> Config directory with smb credentials and
ad configuration
[default: ~/.ad-password-handler]
-d,--days-till-warning <arg> Days until password expiration to show
warning
[default: 14]
-h,--help Print this help text
- Run directly from console:
/opt/ad-password-handler/ad-password-handler
- Setup as session script:
gnome-session-properties -> add script
- Share your SMB credentials with fstab:
sudo vi /etc/fstab
...
//10.10.10.1/share /media/share smbfs credentials=/home/myuser/.ad-password-handler/smb.properties,uid=1000,gid=1000 0 0