#!/bin/ksh
# Forces a user to change their password immediately

export TOPDIR=/usr/local/lib/ldap
. ${TOPDIR}/etc/vars

if [ ! $LDAPDOMAIN ]
then
	LDAPDOMAIN=$DEFAULTLDAPDOMAIN
fi

DNDOMAIN=`echo $LDAPDOMAIN | sed -e "s/^/dc=/g" -e "s/\./,dc=/g"`

if [ ${1:-notset} = notset ]
then
	echo "User please"
	exit 1
else
	USER=$1
fi

TODAY=`dse`
MONTHAGO=`expr $TODAY - 30`
YESTERDAY=`expr $TODAY - 1`

cat ${LDIFTMPLTDIR}/pwchg.ldif | sed -e "s/DNDOMAIN/${DNDOMAIN}/" -e "s/YESTERDAY/${YESTERDAY}/" -e "s/TODAY/${TODAY}/" -e "s/UID/${USER}/" > ${WORKDIR}/pwchg-${USER}.ldif
ldapmodify -x -w $DIRMGRPW -D "cn=Directory Manager" -h $LDAPSERVER -f ${WORKDIR}/pwchg-${USER}.ldif