How to enable 'Force Password Change' Field for batch processing

Hi!

You can use ldbutil to manipulate records in the local db on the command line.

The following command lists the users and all the attributes. You can either provide your own list or use something like this to generate it.

[root@apm-host:Active:Standalone] config  ldbutil --list
uid="825" uname="test_user" instance="/Common/test" password="{SSHA}xxxxxxxx" user_groups="VPNUser" login_failures="0" passwd_expire="NULL" lockout_start="0" ttl="1421350493" dynamic_user="0" deleted="0" suspended="0" locked_out="0" change_passwd="0" last_modified="2015-07-01 13:27:52" first_name="Seth" last_name="Cooper" email="email@domain.com"
FOUND_ROWS()="1"
[root@apm-host:Active:Standalone] config 

Here we will parse the output using awk and sed to get just the username to be used in the next command.

[root@apm-host:Active:Standalone] config  ldbutil --list | awk -F" " '{print $2}' | awk -F"=" '{print $2}' | sed s/\"//g | grep -v "^$"
test_user
[root@apm-host:Active:Standalone] config  

To update the users record you will use the following command. Make sure to have the correct instance configured.

[root@apm-host:Active:Standalone] config  ldbutil --update --uname="test_user" --instance="/Common/test" --change_passwd=1
[root@apm-host:Active:Standalone] config 

You can use the previous commands in a for loop on the command line (simple example below)

for all in `command to create list`
do
command to run and use $all for the uname
done

So this would look like this for these commands:

 for all in `ldbutil --list | awk -F" " '{print $2}' | awk -F"=" '{print $2}' | sed s/\"//g | grep -v "^$"`
do
ldbutil --update --uname="${all}" --instance="/Common/test" --change_passwd=1
done

I hope this helps! Please let me know if you have any additional questions.

-Seth