Thanks that worked great. Now that I have all the uids what is the best way to do a mass update on loginShell to /bin/nologin? I'm aware of the plugin that handles this but interested in ideas on doing this manually for now. > On Fri, 2017-04-28 at 08:02 +0200, Michael Ströder wrote: >> William Brown wrote: >> > On Thu, 2017-04-27 at 19:02 +0000, Tus wrote: >> >> Hello 389-users: >> >> >> >> I'm looking to query ldap to get all uid's that have lastlogintime>90 >> >> days. I'm able to get lastlogintime using the command below. What is >> the >> >> the syntax to get it to search all users with lastlogintime>90 days? >> >> >> >> >> >> # ldapsearch -xLLL uid=testuser "(objectclass=*)" lastlogintime >> >> dn: uid=testuser,ou=People,dc=testdomain,dc=test,dc=com >> >> lastlogintime: 20170115162807Z >> >> >> >> I'm running 389 ds-1.2.2 on CentOS 6. >> > >> > I think you should be able to do: >> > >> > '(&(objectClass=*)(lastlogintime>=20170115162807Z))' >> >> I think you meant >> >> (lastlogintime<=20170115162807Z) >> >> to express "last login before 90 days in the past. > > Indeed, I misinterpreted this as "within the last 90 days" rather than > "older than 90 days". > > -- > Sincerely, > > William Brown > Software Engineer > Red Hat, Australia/Brisbane > > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
