# passwd_check.pl <group>
#  Checks that members of <group> have passwords set, 
#  and that they are not the same as their user name.

$p4 = "p4";

$group = $ARGV[0];
die "Specify a group name, please." if ( !$group );

$ucount1 = 0;
$ucount2 = 0;
@unsafe = ();

@out = `$p4 -Ztag group -o $group`;
foreach( @out )
{
   chomp;
   next if ( !/\.\.\. Users[\d]+ (.*)/ );

   $user = $1;
   $ucount1++;

   $_ = `$p4 -u $user -P $user -c noemail changes -m1 2>&1`;
   next if ( !/^Change/ );

   push @unsafe, $user;
   $ucount2++;
}

foreach( @unsafe )
{
   print "$_ has no password!\n";
}

print "\n$ucount2 of $ucount1 users were found to be insecure.\n";
if ( $ucount2 == 0 ) { exit 0; }
print "Want to lock them all out?\n";

$_ = <STDIN>;
if ( !/^y/i ) { die "Maybe next time, then.\n"; }

foreach( @unsafe )
{
   $lock = rand();
   print "Locking $_...";
   print `$p4 -u $_ passwd -P $lock`;
}