Manage macOS local directory passwords and policies
New in version 2016.3.0.
Note that it is usually better to apply password policies through the creation of a configuration profile.
salt.modules.mac_shadow.del_password(name)¶Deletes the account password
| Parameters: | name (str) – The user name of the account |
|---|---|
| Returns: | True if successful, otherwise False |
| Return type: | bool |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.del_password username
salt.modules.mac_shadow.get_account_created(name)¶Get the date/time the account was created
| Parameters: | name (str) – the username of the account |
|---|---|
| Returns: | the date/time the account was created (yyyy-mm-dd hh:mm:ss) |
| Return type: | str |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_account_created admin
salt.modules.mac_shadow.get_change(name)¶Gets the date on which the password expires
| Parameters: | name (str) – the name of the user account |
|---|---|
| Returns: | The date the password will expire |
| Return type: | str |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_change username
salt.modules.mac_shadow.get_expire(name)¶Gets the date on which the account expires
| Parameters: | name (str) – the name of the user account |
|---|---|
| Returns: | the date the account expires |
| Return type: | str |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_expire username
salt.modules.mac_shadow.get_last_change(name)¶Get the date/time the account was changed
| Parameters: | name (str) – the username of the account |
|---|---|
| Returns: | the date/time the account was modified (yyyy-mm-dd hh:mm:ss) |
| Return type: | str |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_last_change admin
salt.modules.mac_shadow.get_login_failed_count(name)¶Get the the number of failed login attempts
| Parameters: | name (str) – the username of the account |
|---|---|
| Returns: | The number of failed login attempts |
| Return type: | int |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_login_failed_count admin
salt.modules.mac_shadow.get_login_failed_last(name)¶Get the date/time of the last failed login attempt
| Parameters: | name (str) – the username of the account |
|---|---|
| Returns: | the date/time of the last failed login attempt on this account |
(yyyy-mm-dd hh:mm:ss) :rtype: str
| Raises: | CommandExecutionError on user not found or any other unknown error |
|---|
CLI Example:
salt '*' shadow.get_login_failed_last admin
salt.modules.mac_shadow.get_maxdays(name)¶Get the maximum age of the password
| Parameters: | name (str) – the username of the account |
|---|---|
| Returns: | the maximum age of the password in days |
| Return type: | int |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.get_maxdays admin 90
salt.modules.mac_shadow.info(name)¶Return information for the specified user
| Parameters: | name (str) – the username |
|---|---|
| Returns: | A dictionary containing the user’s shadow information |
| Return type: | dict |
CLI Example:
salt '*' shadow.info admin
salt.modules.mac_shadow.set_change(name, date)¶Sets the date on which the password expires. The user will be required to change their password. Format is mm/dd/yyyy
| Parameters: |
|
|---|
format.
| Returns: | True if successful, otherwise False |
|---|---|
| Return type: | bool |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.set_change username 09/21/2016
salt.modules.mac_shadow.set_expire(name, date)¶Sets the date on which the account expires. The user will not be able to login after this date. Date format is mm/dd/yyyy
| Parameters: |
|
|---|
mm/dd/yyyy
| Returns: | True if successful, False if not |
|---|---|
| Return type: | bool |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.set_expire username 07/23/2015
salt.modules.mac_shadow.set_inactdays(name, days)¶Set the number if inactive days before the account is locked. Not available in macOS
| Parameters: |
|
|---|---|
| Returns: | Will always return False until macOS supports this feature. |
| Return type: | bool |
CLI Example:
salt '*' shadow.set_inactdays admin 90
salt.modules.mac_shadow.set_maxdays(name, days)¶Set the maximum age of the password in days
| Parameters: |
|
|---|---|
| Returns: | True if successful, False if not |
| Return type: | bool |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' shadow.set_maxdays admin 90
salt.modules.mac_shadow.set_mindays(name, days)¶Set the minimum password age in days. Not available in macOS.
| Parameters: |
|
|---|---|
| Returns: | Will always return False until macOS supports this feature. |
| Return type: | bool |
CLI Example:
salt '*' shadow.set_mindays admin 90
salt.modules.mac_shadow.set_password(name, password)¶Set the password for a named user (insecure, the password will be in the process list while the command is running)
| Parameters: | name (str) – The name of the local user, which is assumed to be in the |
|---|
local directory service
| Parameters: | password (str) – The plaintext password to set |
|---|---|
| Returns: | True if successful, otherwise False |
| Return type: | bool |
| Raises: | CommandExecutionError on user not found or any other unknown error |
CLI Example:
salt '*' mac_shadow.set_password macuser macpassword
salt.modules.mac_shadow.set_warndays(name, days)¶Set the number of days before the password expires that the user will start to see a warning. Not available in macOS
| Parameters: |
|
|---|---|
| Returns: | Will always return False until macOS supports this feature. |
| Return type: | bool |
CLI Example:
salt '*' shadow.set_warndays admin 90