Manage macOS local directory passwords and policies
New in version 2016.3.0.
Note that it is usually better to apply password policies through the creation of a configuration profile.
Deletes the account password
Parameters: | name (str) -- The user name of the account |
---|---|
Returns: | True if successful, otherwise False |
Return type: | bool |
Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.del_password username
Get the date/time the account was created
Parameters: | name (str) -- The username of the account |
---|---|
Returns: | The date/time the account was created (yyyy-mm-dd hh:mm:ss) |
Return type: | str |
Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_account_created admin
Gets the date on which the password expires
Parameters: | name (str) -- The name of the user account |
---|---|
Returns: | The date the password will expire |
Return type: | str |
Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_change username
Gets the date on which the account expires
Parameters: | name (str) -- The name of the user account |
---|---|
Returns: | The date the account expires |
Return type: | str |
Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_expire username
Get the date/time the account was changed
Parameters: | name (str) -- The username of the account |
---|---|
Returns: | The date/time the account was modified (yyyy-mm-dd hh:mm:ss) |
Return type: | str |
Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_last_change admin
Get the the number of failed login attempts
Parameters: | name (str) -- The username of the account |
---|---|
Returns: | The number of failed login attempts |
Return type: | int |
Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_login_failed_count admin
Get the date/time of the last failed login attempt
Parameters: | name (str) -- The username of the account |
---|---|
Returns: | The date/time of the last failed login attempt on this account (yyyy-mm-dd hh:mm:ss) |
Return type: | str |
Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_login_failed_last admin
Get the maximum age of the password
Parameters: | name (str) -- The username of the account |
---|---|
Returns: | The maximum age of the password in days |
Return type: | int |
Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_maxdays admin 90
Return information for the specified user
Parameters: | name (str) -- The username |
---|---|
Returns: | A dictionary containing the user's shadow information |
Return type: | dict |
CLI Example:
salt '*' shadow.info admin
Sets the date on which the password expires. The user will be required to change their password. Format is mm/dd/yyyy
Parameters: |
|
---|---|
Returns: |
True if successful, otherwise False |
Return type: | |
Raises: |
CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.set_change username 09/21/2016
Sets the date on which the account expires. The user will not be able to login after this date. Date format is mm/dd/yyyy
Parameters: |
|
---|---|
Returns: |
True if successful, False if not |
Return type: | |
Raises: |
CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.set_expire username 07/23/2015
Set the number if inactive days before the account is locked. Not available in macOS
Parameters: | |
---|---|
Returns: |
Will always return False until macOS supports this feature. |
Return type: |
CLI Example:
salt '*' shadow.set_inactdays admin 90
Set the maximum age of the password in days
Parameters: | |
---|---|
Returns: |
True if successful, False if not |
Return type: | |
Raises: |
CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.set_maxdays admin 90
Set the minimum password age in days. Not available in macOS.
Parameters: | |
---|---|
Returns: |
Will always return False until macOS supports this feature. |
Return type: |
CLI Example:
salt '*' shadow.set_mindays admin 90
Set the password for a named user (insecure, the password will be in the process list while the command is running)
Parameters: | |
---|---|
Returns: |
True if successful, otherwise False |
Return type: | |
Raises: |
CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' mac_shadow.set_password macuser macpassword
Set the number of days before the password expires that the user will start to see a warning. Not available in macOS
Parameters: | |
---|---|
Returns: |
Will always return False until macOS supports this feature. |
Return type: |
CLI Example:
salt '*' shadow.set_warndays admin 90
© 2019 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mac_shadow.html