Re: Novell Netware 4.X Hidden user accounts

From: Robert MACDONALD (RMACDONALDat_private)
Date: Fri Apr 17 1998 - 09:37:07 PDT

Next message: John McDonald: "(no subject)"

Previous message: Josh Richards: "Re: code to crash radiusd"
Maybe in reply to: jdrodriguezat_private: "Novell Netware 4.X Hidden user accounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Look for HOBJLOC on Novells or Fastlanes site. This is a hidden object
locator. I use it to see if I have gained any of these little creatures...

Best of Luck!
Robert


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Robert P. MacDonald (rmacdonaldat_private)
Systems, Network & Security Analyst
Perrigo Company, Allegan, Michigan


>>> <jdrodriguezat_private> 04/16 3:59 PM >>>
Command
        Creating user accounts
Systems Affectted
        Netware 4.X
Problem
Netware allows a user account to become "hidden" and unable to be
managed by native Netware tools including deleting the account.

The following MUST be done as an admin(supervisor)
1)  Start NWADMIN
2)  Create a user
3)  Give the user supervisor equivalence
(Note:  Not required, but why not)
4)  Right click on the user.
5)  Select Trustees
6)  Delete Root and Public trustees
7)  Select the user and change its rights(Object and Property)
8)  Assign ONLY Supervisor
9)  Select Inherited Rights Filter
10) Deselect all values(NO boxes should be marked)
11) Return to main NWADMIN screen(HIT OK TWICE, I think)
12) Refresh the screen(Can be done by clicking on the tree name where
the user account was created)
13) The user account is GONE.

Execute some native Netware commands.  Try this one which will list all
detailed information on all users.
        NLIST USER /D
The newly created account is now missing.

Now try to assign a password to the account.
        SETPASS USERNAME
You get an error message stating that you must be a manager to change
the password.

Solution:  Unknown
Workaround:
To delete this account.  You must start the server in bindery mode.  Add
SET BINDERY CONTEXT command in AUTOEXEC.NCF(Note: You must set the
context to the one
in which the account was created).  Utilize the USERDUMP tool to ID the
account, if you have not done so already.  Next, use CHGPASS to change
the user accounts password.  Login in as that user, and reverse the
previous procedure to hide the user account.  Specifically, adding
PUBLIC and ROOT as trustees.  USERDUMP and CHGPASS are publicly
available tools.

Next message: John McDonald: "(no subject)"
Previous message: Josh Richards: "Re: code to crash radiusd"
Maybe in reply to: jdrodriguezat_private: "Novell Netware 4.X Hidden user accounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:49:31 PDT