Temporary Break

So, I've hit sort of a slow down here. A few things will keep me away from posting on a schedule.

1. Seasonal family activities
2. Seasonal work load
3. Temporary hold on the Expired Passwords script

This time of year is very busy with family, (uninteresting) work back-log, and deployment of my script is on hold until various stakeholders can get together to talk about deployment.

I'm not ready for this to become a link-blog, so I'll return with new code when I get a chance to explore new scripts and ideas- hopefully mid August.

Put it All Together

After beating myself up over the last post, I rolled up my sleeves and got working logic code and it is sending me notifications of who's account password is expiring. I'm still having trouble with getting useable information out of the LDAP hash. I'm probably doing it wrong, so I've asked for a code review and maybe we'll get to the bottom of how Ruby is doing this. I keep getting values in the format of:

["gcolasurdo"] in stead of just gcolasurdo

when I try to get the cn, mail or other LDAP key field.

First, an outline of my code's logic (based on the previous ColdFusion script):

1. Loop over the relevant OUs (organization units in the LDAP)
2. Query the LDAP
3. If there is an expiration date and mail then...
4. Find the expiration date and calculate the difference from today (script will run daily)
5. If the daydiff is on a warning interval...
6. If the OU is for the College of Nursing or everyone else, prepare personalized email text
7. Then send an email with the details of the impending password expiration

Two questions that came up from the CF code. Should I:

1. Set a timeout at some point so as to not choke the mail relay
2. Log the results

One independent question I had:

1. Should we do anything about already expired passwords (I'm sure the business reason was already set, but as the programmer, I kinda want to make sure)

This is all working locally, so we will need to start in on the deployment process.

Ok, here is the code I'm using:

	# Basic init of arrays
	# Systems and Administration will have to make sure the base
	# organizations are accurate and up to date.
	base_list = [
	"ou=Employee,ou=SOM,o=hsc",
	"ou=Employee,ou=Library,o=hsc",
	"ou=Affiliate,ou=Library,o=hsc",
	"ou=Employee,ou=COP,o=hsc",
	"ou=Employee,ou=CRTC,ou=SOM,o=hsc",
	"ou=Employee,ou=Administration,o=hsc",
	"ou=Employee,ou=CON,o=hsc",
	"ou=Employee,ou=Services,o=hsc",
	"ou=Student,ou=COP,o=hsc",
	"ou=Student,ou=SOM,o=hsc",
	"ou=Student,ou=CON,o=hsc",
	"ou=CON,ou=Trans,o=HSC",
	"ou=HSLIC,ou=Trans,o=HSC"
	]
	# Days until expiration to warn on
	warning_days = [30,14,7,3,2,1]
	# CON has its own email text to send, use this array to find them
	con_mail_exception = [
	"ou=Employee,ou=CON,o=hsc",
	"ou=Student,ou=CON,o=hsc"
	]
	# Actual look up and email code!
	# Start main search by going through each organizational group
	base_list.each do |area|
	puts "Searching #{area}"
	conn = LDAP::SSLConn.new(host, port)
	conn.bind(username, password)
	conn.perror("bind")
	begin
	conn.search(area, scope, filter, attrs) { |entry|
	if entry.vals('passwordExpirationTime').nil? || entry.vals('mail').nil?
	#puts "none"
	else
	pswrd_expire = entry.to_hash()
	# Today's date and the entry's expiaration date split from string to date
	today = Time.now
	expire_date = Time.new(
	pswrd_expire['passwordExpirationTime'].to_s.slice(2,4),
	pswrd_expire['passwordExpirationTime'].to_s.slice(6,2),
	pswrd_expire['passwordExpirationTime'].to_s.slice(8,2)
	)
	# Calculate the remaining days diff/24 hours/60 minues/60 seconds + 1 day
	days_remaining = (((expire_date - today)/24/60/60)+1).to_i
	# For use in the body text
	if days_remaining == 1
	plural_text = "day"
	else
	plural_text = "days"
	end
	if con_mail_exception.include?(area)
	mail_body = "Your HSC NetID password for the account #{pswrd_expire['cn']} will expire in #{days_remaining} #{plural_text}, on #{expire_date.strftime('%m/%d/%Y')}."
	# Add in College of Nursing specific text!
	else
	mail_body ="Your HSC NetID password for the account #{pswrd_expire['cn']} will expire in #{days_remaining} #{plural_text}, on #{expire_date.strftime('%m/%d/%Y')}."
	end
	puts "#{pswrd_expire['sn']} (#{pswrd_expire['mail']})on #{expire_date.strftime('%m/%d/%Y')} in #{days_remaining} #{plural_text}"
	# Add in remaining HSC specific text!
	# Look to see if the days_remaining is on one of the warning intervals and send mail
	if warning_days.include?(days_remaining)
	Pony.mail(
	:to => 'me@unm.edu',
	:via => :smtp,
	:via_options => {
	:address => 'relay.health.unm.edu',
	:port => '25',
	:openssl_verify_mode => 'none'
	},
	:subject => 'Your HSC NetID Password Expires Soon',
	:body => mail_body,
	:from => '"HSC Support" <hscsupport@salud.unm.edu>'
	)
	end
	end
	}
	rescue LDAP::ResultError
	conn.perror("search")
	exit
	end
	conn.perror("search")
	conn.unbind
	end

view raw loop.rb hosted with ❤ by GitHub