How to disable/delete user accounts due to inactivity
Our CPI-810 compliance requires us to automatically disable user accounts inactive for 90 days and delete user accounts inactive for 180 days.
I have not found a way to do this easily from within IDM/IPA server.
What I have come up with is the following script...
#!/bin/bash
# Script designed to be cron'd as "opsadmin" from where the script and the password file are located.
# This can be configured to run on any LDAP server.

# Set up logging: send stdout and stderr to syslog, tagged with the script name.
exec 1> >(logger -s -t "$(basename "$0")") 2>&1

# Read the admin password from the password file and obtain a Kerberos ticket.
LDAPpwfile=~/.ldappw
kinit admin < "$LDAPpwfile" &>/dev/null

# Establish test dates in the same YYYYmmddHHMMSS form as krblastsuccessfulauth.
TESTdate76=$(date "+%Y%m%d%H%M%S" --date='76 days ago')
TESTdate90=$(date "+%Y%m%d%H%M%S" --date='90 days ago')
TESTdate166=$(date "+%Y%m%d%H%M%S" --date='166 days ago')
TESTdate180=$(date "+%Y%m%d%H%M%S" --date='180 days ago')

for i in $(ipa user-find | awk '/User login:/ {print $3}' | sort); do
    # Collect every krblastsuccessfulauth value (one per IPA server) and keep only the 14-digit timestamp.
    mapfile -t times < <(ipa user-status "$i" --raw | awk '/krblastsuccessfulauth/ {print $2}' | cut -c 1-14)
    # Account lock state: matches "Account disabled: False" or the raw "nsaccountlock: False" form.
    disabled=$(ipa user-status "$i" --raw | awk '/disabled|nsaccountlock/ {print $NF}')
    # Most recent successful authentication across all servers.
    latest=$(printf '%s\n' "${times[@]}" | grep -E '^[0-9]{14}$' | sort -rn | head -1)

    # No successful Kerberos auth on record: skip, otherwise an empty value compares as 0
    # and the account would be deleted immediately.
    if [[ -z $latest ]]; then
        echo "WARNING: User: $i; no krblastsuccessfulauth recorded, skipping"
        continue
    fi

    # Warn of impending delete (inactive between 166 and 180 days).
    if [[ $latest -lt $TESTdate166 && $latest -gt $TESTdate180 ]]; then
        echo "ALERT: User: $i; Last login: $latest; Scheduled for delete due to 180 days inactivity!"
    # Delete users who have not logged in for the last 180 days.
    elif [[ $latest -lt $TESTdate180 ]]; then
        ipa user-del "$i"
        echo "ALERT: User deleted due to 180 days inactivity: $i"
    # Warn of impending disable (inactive between 76 and 90 days and not already disabled).
    elif [[ $latest -lt $TESTdate76 && $latest -gt $TESTdate90 && $disabled == "False" ]]; then
        echo "ALERT: User: $i; Last login: $latest; Scheduled for disable due to 90 days inactivity!"
    # Disable users who have not logged in for the last 90 days.
    elif [[ $latest -lt $TESTdate90 && $disabled == "False" ]]; then
        ipa user-disable "$i"
        echo "ALERT: User disabled due to 90 days inactivity: $i"
    fi
done 2>/dev/null
This seems to work pretty well, except I have discovered a problem.
This checks the ldap key krblastsuccessfulauth for the last login. However, what I have discovered is that if a user uses an ssh-key to access the system, even one that is being provided by the user's IPA profile... the field is not updated.
So eventually, active users using ssh-keys will be disabled/deleted.
Any help is greatly appreciated.
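The classification logic of the script above, as an added example that is not part of the original post: it parses `ipa user-status --raw` output for several users, takes the most recent krblastsuccessfulauth across replicas, applies the same 76/90/166/180-day thresholds, and treats a user with no Kerberos auth record (which is what an ssh-key-only user looks like) as "unknown" rather than as never having logged in. The sample output and the reference date are constructed, and the exact `--raw` field layout is assumed from memory of the command; check it against a real server before relying on the regexes.

```python
"""Classify FreeIPA users by inactivity from `ipa user-status --raw` output.

Added example, not the poster's script. The output layout below is an
assumption (one krblastsuccessfulauth line per replica, plus nsaccountlock).
"""
import re
from datetime import datetime, timedelta, timezone

# Constructed sample output per user; not captured from a real IPA server.
SAMPLE_STATUS = {
    "alice": (  # last auth 106 days before REFERENCE_NOW, two replicas, not locked
        "  dn: uid=alice,cn=users,cn=accounts,dc=example,dc=com\n"
        "  nsaccountlock: False\n"
        "  server: ipa1.example.com\n"
        "  krblastsuccessfulauth: 20240210090000Z\n"
        "  server: ipa2.example.com\n"
        "  krblastsuccessfulauth: 20240215080000Z\n"
    ),
    "bob": (  # last auth 193 days ago
        "  nsaccountlock: False\n"
        "  server: ipa1.example.com\n"
        "  krblastsuccessfulauth: 20231120120000Z\n"
    ),
    "carol": (  # ssh-key user: Kerberos never saw a successful auth
        "  nsaccountlock: False\n"
        "  server: ipa1.example.com\n"
        "  krblastsuccessfulauth: N/A\n"
    ),
    "dave": (  # active, 7 days ago
        "  nsaccountlock: False\n"
        "  krblastsuccessfulauth: 20240525000000Z\n"
    ),
    "erin": (  # already locked, 92 days ago
        "  nsaccountlock: True\n"
        "  krblastsuccessfulauth: 20240301000000Z\n"
    ),
    "frank": (  # 174 days ago: inside the delete warning window
        "  nsaccountlock: False\n"
        "  krblastsuccessfulauth: 20231210000000Z\n"
    ),
    "grace": (  # 83 days ago: inside the disable warning window
        "  nsaccountlock: False\n"
        "  krblastsuccessfulauth: 20240310000000Z\n"
    ),
}

# Constructed reference time so the demo is reproducible.
REFERENCE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)

TS_RE = re.compile(r"krblastsuccessfulauth:\s*(\d{14})")
LOCK_RE = re.compile(r"nsaccountlock:\s*(\w+)")


def last_auth(raw):
    """Most recent successful Kerberos auth across all replicas, or None if none recorded."""
    stamps = [
        datetime.strptime(m, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
        for m in TS_RE.findall(raw)
    ]
    return max(stamps) if stamps else None


def is_disabled(raw):
    """True when nsaccountlock is set."""
    m = LOCK_RE.search(raw)
    return bool(m) and m.group(1).lower() == "true"


def classify(latest, disabled, now, disable_after=90, delete_after=180, warn_window=14):
    """Mirror the script's if-chain: strict comparisons, warnings 14 days ahead."""
    if latest is None:
        return "unknown"  # no auth record: do not act, investigate instead
    age = now - latest
    delete_at = timedelta(days=delete_after)
    disable_at = timedelta(days=disable_after)
    warn = timedelta(days=warn_window)
    if delete_at - warn < age < delete_at:
        return "warn-delete"
    if age > delete_at:
        return "delete"
    if disabled:
        return "no-action"  # already disabled; nothing until the delete window
    if disable_at - warn < age < disable_at:
        return "warn-disable"
    if age > disable_at:
        return "disable"
    return "active"


def plan(statuses, now):
    """Map each user to the action the script would take."""
    return {u: classify(last_auth(raw), is_disabled(raw), now) for u, raw in statuses.items()}


def demo():
    return plan(SAMPLE_STATUS, REFERENCE_NOW)


if __name__ == "__main__":
    for user, action in demo().items():
        print(f"{user:8} {action}")
```

Running it lists one action per sample user; carol comes out as "unknown", which is the case the script above would otherwise treat as an empty (zero) timestamp and delete.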