FreeBSD Manual Pages
IPA-EPN(1) IPA Manual Pages IPA-EPN(1) NAME ipa-epn - Send expiring password notifications SYNOPSIS ipa-epn [options] DESCRIPTION ipa-epn provides a method to warn users via email that their IPA ac- count password is about to expire. It can be used in dry-run mode which is recommended during setup. The output is always JSON in this case. It can also be launched daily by its systemd timer. In this case it will parse its configuration file epn.conf(5) and send an email to users whose passwords are expiring within the defined future date ranges. See the OPTIONS section below and the epn.conf(5) man page on how to configure the tool. OPTIONS --to-nbdays <number of days> The --to-nbdays CLI option can be used to determine the number of notifications that would be sent in a given timeframe. If --from-nbdays is not specified, ipa-epn will look within a 24-hour long time range in <number of days> days. if --from-nbdays is specified, the date range starts at --from-nbdays days in the future and ends at --to-nbdays in the future. Together, these two CLI options can be used to determine how many emails would be sent in a specific time in the future. The --to-nbdays CLI option implies --dry-run. --from-nbdays <number of days> See --to-nbdays for an explanation. This option must be used in conjunction with --to-nbdays. --dry-run The --dry-run CLI option is intended to test ipa-epn's configu- ration. For instance, if notify_ttls is set to 21, 14, 3, --dry-run would display the list of users whose passwords would expire in 21, 14, and 3 days in the future. --mail-test The --mail-test CLI option will send an e-mail to the configured smtp_admin value in /etc/ipa/epn.conf. Generic values for the substitution variables are set so this is also useful for test- ing and configuring the mail template. TEMPLATE The template for the e-mail message is contained in /etc/ipa/epn/ex- pire_msg.template. The following template variables are available. User ID: uid Full name: fullname First name: first Last name: Last Password expiration date: expiration EXAMPLES # date Sun 12 Apr 2020 06:23:08 AM CEST # ipa-epn --dry-run [ { "uid": "user5", "cn": "user 5", "krbpasswordexpiration": "2020-04-17 15:51:53", "mail": "['user5@ipa.test']" } ] The IPA-EPN command was successful # ipa-epn --to-nbdays 6 --dry-run [ { "uid": "user5", "cn": "user 5", "krbpasswordexpiration": "2020-04-17 15:51:53", "mail": "['user5@ipa.test']" } ] The IPA-EPN command was successful # ipa-epn --from-nbdays 2 --to-nbdays 6 --dry-run [ { "uid": "user5", "cn": "user 5", "krbpasswordexpiration": "2020-04-17 15:51:53", "mail": "['user5@ipa.test']" } ] The IPA-EPN command was successful # ipa-epn --from-nbdays 8 --to-nbdays 12 --dry-run [ { "uid": "user3", "cn": "user 5", "krbpasswordexpiration": "2020-04-21 00:00:08", "mail": "['user3@ipa.test']" } ] The IPA-EPN command was successful EXIT STATUS The exit status is 0 on success, nonzero on error. SEE ALSO RFE: https://pagure.io/freeipa/issue/3687 Design document: https://github.com/freeipa/freeipa/blob/mas- ter/doc/designs/expiring-password-notification.md KNOWN BUGS None yet. REPORTING BUGS AND ENHANCEMENT IDEAS Please make sure first the issue is not already reported by searching at https://pagure.io/freeipa/issues. If it is not, file a new issue at https://pagure.io/freeipa/new_issue. IPA April 24, 2020 IPA-EPN(1)
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | TEMPLATE | EXAMPLES | EXIT STATUS | SEE ALSO | KNOWN BUGS | REPORTING BUGS AND ENHANCEMENT IDEAS
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ipa-epn&sektion=1&manpath=FreeBSD+Ports+15.0>