I've gone ahead and submitted issue #8770. Thanks
On 3/23/2021 12:53 PM, Rob Crittenden wrote:
Stephen Berg, Code 7309 via FreeIPA-users wrote:
> Is there any method to use ipa-epn to get a report on already expired
> passwords? I tried using negative numbers in the to-nbdays and
> from-nbdays but it doesn't allow that. I've got some accounts that are
> still active but due to the broad expansion of teleworking they haven't
> been used much and now have expired passwords.
>
There is no way in the tool to do it. If you want to open an issue
https://pagure.io/freeipa/new_issue with your request we can take a look.
If you're familiar with LDAP you can probably run the tool for current
users then tweak the query it sends to match your needs as a manual
workaround.
rob
--
Stephen Berg, IT Specialist, Ocean Sciences Division, Code 7309
Naval Research Laboratory
W: (228) 688-5738 <- (Preferred contact)
DSN: (312) 823-5738
C: (228) 365-0162