One liner command to retrieve list of active users - IPA/Red Hat IDM

It's possible to get a list of users of active users in IDM/IPA with formatted date and time by running this one liner command. It gets you the list of users with last successsful authentications to IDM/IPA server. Very handy command when it's required for Audit purposes. It will also give you the list of users who last changed password and you can modify it according to your requirements.

Run the following commands to get the following

To get list of active users

# ipa user-find --all --raw | grep -iE '(dn:|krbLastSuccessfulAuth)' | cut -d ',' -f1 | cut -d: -f2 |  sed -re 's/([0-9]{4})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]+)Z/\3-\2-\1 \4:\5:\6/' 

Output:

[user@idm ~]$ ipa user-find --all --raw | grep -iE '(dn:|krbLastSuccessfulAuth)' | cut -d ',' -f1 | cut -d: -f2 |  sed -re 's/([0-9]{4})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]+)Z/\3-\2-\1 \4:\5:\6/'
uid=admin
 09-03-2016 15:25:16
 uid=faizan.ahmed
 01-03-2016 08:17:17
 uid=farooq.ahmed
 09-03-2016 16:47:26
 uid=spacewalk.user
 01-02-2016 16:10:29
 uid=vadmin
 29-02-2016 15:16:31
 uid=vcsa.user
 09-03-2016 14:23:29

To get list of users who last changed their password

# ipa user-find --all --raw | grep -iE '(dn:|krblastpwdchange)' | cut -d ',' -f1 | cut -d: -f2 |  sed -re 's/([0-9]{4})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]+)Z/\3-\2-\1 \4:\5:\6/'

Output:

[user@idm ~]$ ipa user-find --all --raw | grep -iE '(dn:|krblastpwdchange)' | cut -d ',' -f1 | cut -d: -f2 |  sed -re 's/([0-9]{4})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]+)Z/\3-\2-\1 \4:\5:\6/'
 uid=admin
 29-12-2015 10:55:53
 uid=faizan.ahmed
 01-03-2016 08:16:40
 uid=farooq.ahmed
 29-12-2015 12:16:05
 uid=spacewalk.user
 01-02-2016 15:57:03
 uid=vadmin
 24-02-2016 23:30:17
 uid=vcsa.user
 09-03-2016 14:22:18

 And so forth as required you can change the krb command.

That's it and please do let us know via Contact Us if you come across any issues.

Infra Related Articles....

It's now possible to install both Puppet Master and Agent on the same host with different certs for each, to...
This article shows you how to Automate iptables for the whole infrastructure (linux/unix) and maintain the state during the lifecycle...
When adding multiple users in IDM/freeIPA its a pain inputting each user and its time consuming. This script/one liner allows...
This article covers the setup and configuration of PuppetDB and Puppetmaster on separate nodes/hosts. I have used PostgreSQL as PuppetDB...
The process of upgrading Red Hat Satellite 5.6 to 5.7 is fairly simple if you follow the steps properly and...
Joomla! Україна