#!/bin/ksh
# Set last password change date

export TOPDIR=/z/admin/ldap/admin/fedore-ds
. ${TOPDIR}/etc/vars

if [ ! $LDAPDOMAIN ]
then
	LDAPDOMAIN=$DEFAULTLDAPDOMAIN
fi
DNDOMAIN=`echo $LDAPDOMAIN | sed -e "s/^/dc=/g" -e "s/\./,dc=/g"`

TODAY=`dse`
EARLIEST=`expr $TODAY - 120`

if [ ${1:-notset} = "notset" ]
then
	echo "Usage: $0 username [day last changed (default=today)]"
	exit 1
else
	USER=$1
fi

if [ ${2:-notset} = "notset" ]
then
	PWLASTCHG=$TODAY
else
	if [ $2 -lt $EARLIEST -o $2 -gt $TODAY ]	
	then
		echo "Enter days between $EARLEST (120 days ago) and $TODAY (today)"
	        exit 1
	else
		PWLASTCHG=$2
	fi
fi

TODAY=`dse`
cat ${LDIFTMPLTDIR}/pwlast.ldif | sed -e "s/DNDOMAIN/${DNDOMAIN}/" -e "s/PWLASTCHG/${PWLASTCHG}/" -e "s/UID/${USER}/" > ${WORKDIR}/pwlast-${USER}.ldif
ldapmodify -x -w $DIRMGRPW -D "cn=Directory Manager" -h $LDAPSERVER -f ${WORKDIR}/pwlast-${USER}.ldif