How to change passwords for User accounts on multiple UNIX/Linux machines remotely?

Hello Experts,

Need some direction on creating a shell script for the following environment:

We have about 20 people in the team working as Oracle DBAs (sysdbas and appdbas). The total number of servers, which are a mix of Unix and Linux, is 200. We do not have root user access on any of the servers, nor can we install Expect at the moment. Each user has their own ID to access the server host. Once we log in to the Unix or Linux server, we access Oracle through the sudo accounts created.

The requirement is to change the password on all the servers remotely after 45 days, which we would like to do via a shell script.

I do not have any expertise on scripting and will be researching once I have some directions from you guys.

Please help.

Each platform could have different hash types... so direct manipulation of passwords could be difficult (that is, replacing the hash itself... not that repeating hashes is necessarily a good practice anyhow).... so you can either explore "expect"-like wrappers around the password command and make remote ssh invocations (you want something that doesn't expose the passwords via clear text on the wire).... or maybe it's time to consider some form of centralized auth (?) On some Linux distros there are tools for setting a password in a "batch" style as well, but nothing universal. Even an expect script on each host might have to be tuned depending on the platforms and the response strings returned. There are some examples that come with expect. You might want to take a look at it. I think its primary dependency is tcl.

1 Like
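
An added example, not part of the original posts: one way to follow the "remote ssh invocations" route above without Expect or root is to run each host's own `passwd` interactively over SSH, so the password is only ever typed at the remote prompt. The host list file, its name and the function names are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the thread): run the native passwd(1) on each host
# over SSH. Assumes hosts.txt (hypothetical name) has one hostname per line and
# that you can already log in to every host as yourself.

# Print usable hostnames: drop comments, blanks and stray CRs, and reject any
# entry that is not a plain hostname, so a line such as "-oSomeOption=..."
# can never reach ssh as an option.
load_hosts() {
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}
        line=$(printf '%s' "$line" | tr -d '[:space:]')
        case $line in
            '') continue ;;
            [!A-Za-z0-9]*|*[!A-Za-z0-9._-]*)
                printf 'skipping invalid entry: %s\n' "$line" >&2 ;;
            *) printf '%s\n' "$line" ;;
        esac
    done < "$1"
}

# Default runner. -tt forces a terminal so passwd can prompt; the old and new
# passwords are typed at that prompt and exist only inside the encrypted SSH
# session, never in argv, the environment or a file.
run_passwd() {
    ssh -tt -o ConnectTimeout=10 "$1" passwd
}

# Visit every host. The list is read on fd 3 so stdin stays attached to the
# terminal for the passwd prompts. Failed hosts are printed on stdout for a
# retry pass; the return status is non-zero if any host failed.
rotate_all() {
    hosts=$(load_hosts "$1")
    runner=${2:-run_passwd}
    rc=0
    while IFS= read -r host <&3; do
        [ -n "$host" ] || continue
        printf '== %s ==\n' "$host" >&2
        "$runner" "$host" || { printf '%s\n' "$host"; rc=1; }
    done 3<<EOF
$hosts
EOF
    return "$rc"
}

if [ "$#" -eq 1 ]; then
    rotate_all "$1" > failed_hosts.txt ||
        echo "retry the hosts listed in failed_hosts.txt" >&2
fi
```

Because the native `passwd` does the work on each host, the differing hash types per platform never matter to the script; the trade-off is that you still type the old and new password once per host.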

cjcox made a great suggestion - OpenLDAP. You maintain users in one place, the LDAP server.

1 Like

Thanks guys for your suggestions.