salt.modules.mac_shadow¶
Manage macOS local directory passwords and policies
New in version 2016.3.0.
Note that it is usually better to apply password policies through the creation of a configuration profile.
- salt.modules.mac_shadow.del_password(name)¶
Deletes the account password
- Parameters:
name (str) -- The user name of the account
- Returns:
True if successful, otherwise False
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.del_password username
- salt.modules.mac_shadow.get_account_created(name)¶
Get the date/time the account was created
- Parameters:
name (str) -- The username of the account
- Returns:
The date/time the account was created (yyyy-mm-dd hh:mm:ss) or 0 if the value is not defined
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.get_account_created admin
- salt.modules.mac_shadow.get_change(name)¶
Gets the date on which the password expires
- Parameters:
name (str) -- The name of the user account
- Returns:
The date the password will expire
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.get_change username
- salt.modules.mac_shadow.get_expire(name)¶
Gets the date on which the account expires
- Parameters:
name (str) -- The name of the user account
- Returns:
The date the account expires
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.get_expire username
- salt.modules.mac_shadow.get_last_change(name)¶
Get the date/time the account was changed
- Parameters:
name (str) -- The username of the account
- Returns:
The date/time the account was modified (yyyy-mm-dd hh:mm:ss) or 0 if the value is not defined
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.get_last_change admin
- salt.modules.mac_shadow.get_login_failed_count(name)¶
Get the number of failed login attempts
- Parameters:
name (str) -- The username of the account
- Returns:
The number of failed login attempts. 0 may mean there are no failed login attempts or the value is not defined
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.get_login_failed_count admin
- salt.modules.mac_shadow.get_login_failed_last(name)¶
Get the date/time of the last failed login attempt
- Parameters:
name (str) -- The username of the account
- Returns:
The date/time of the last failed login attempt on this account (yyyy-mm-dd hh:mm:ss) or 0 if the value is not defined
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.get_login_failed_last admin
- salt.modules.mac_shadow.get_maxdays(name)¶
Get the maximum age of the password
- Parameters:
name (str) -- The username of the account
- Returns:
The maximum age of the password in days
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.get_maxdays admin 90
- salt.modules.mac_shadow.info(name)¶
Return information for the specified user
- Parameters:
name (str) -- The username
- Returns:
A dictionary containing the user's shadow information
- Return type:
CLI Example:
salt '*' shadow.info admin
- salt.modules.mac_shadow.set_change(name, date)¶
Sets the date on which the password expires. The user will be required to change their password. Format is mm/dd/yyyy
- Parameters:
name (str) -- The name of the user account
date (date) -- The date the password will expire. Must be in mm/dd/yyyy format.
- Returns:
True if successful, otherwise False
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.set_change username 09/21/2016
- salt.modules.mac_shadow.set_expire(name, date)¶
Sets the date on which the account expires. The user will not be able to login after this date. Date format is mm/dd/yyyy
- Parameters:
name (str) -- The name of the user account
date (datetime) -- The date the account will expire. Format must be mm/dd/yyyy.
- Returns:
True if successful, False if not
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.set_expire username 07/23/2015
- salt.modules.mac_shadow.set_inactdays(name, days)¶
Set the number if inactive days before the account is locked. Not available in macOS
- Parameters:
- Returns:
Will always return False until macOS supports this feature.
- Return type:
CLI Example:
salt '*' shadow.set_inactdays admin 90
- salt.modules.mac_shadow.set_maxdays(name, days)¶
Set the maximum age of the password in days
- Parameters:
- Returns:
True if successful, False if not
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' shadow.set_maxdays admin 90
- salt.modules.mac_shadow.set_mindays(name, days)¶
Set the minimum password age in days. Not available in macOS.
- Parameters:
- Returns:
Will always return False until macOS supports this feature.
- Return type:
CLI Example:
salt '*' shadow.set_mindays admin 90
- salt.modules.mac_shadow.set_password(name, password)¶
Set the password for a named user (insecure, the password will be in the process list while the command is running)
- Parameters:
- Returns:
True if successful, otherwise False
- Return type:
- Raises:
CommandExecutionError on user not found or any other unknown error
CLI Example:
salt '*' mac_shadow.set_password macuser macpassword
- salt.modules.mac_shadow.set_warndays(name, days)¶
Set the number of days before the password expires that the user will start to see a warning. Not available in macOS
- Parameters:
- Returns:
Will always return False until macOS supports this feature.
- Return type:
CLI Example:
salt '*' shadow.set_warndays admin 90
