The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


Novell Netware 4.X Hidden user accounts


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
X-RDate: Sat, 18 Apr 1998 16:19:53 +0600 (YEKST)
X-UIDL: 35317d340000006a
Date: Fri, 17 Apr 1998 11:37:07 -0500
From: Robert MACDONALD <[email protected]>
To: [email protected]
Subject: Re: Novell Netware 4.X Hidden user accounts

Look for HOBJLOC on Novells or Fastlanes site. This is a hidden object
locator. I use it to see if I have gained any of these little creatures...

Best of Luck!
Robert


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Robert P. MacDonald ([email protected])
Systems, Network & Security Analyst
Perrigo Company, Allegan, Michigan


>>> <[email protected]> 04/16 3:59 PM >>>
Command
        Creating user accounts
Systems Affectted
        Netware 4.X
Problem
Netware allows a user account to become "hidden" and unable to be
managed by native Netware tools including deleting the account.

The following MUST be done as an admin(supervisor)
1)  Start NWADMIN
2)  Create a user
3)  Give the user supervisor equivalence
(Note:  Not required, but why not)
4)  Right click on the user.
5)  Select Trustees
6)  Delete Root and Public trustees
7)  Select the user and change its rights(Object and Property)
8)  Assign ONLY Supervisor
9)  Select Inherited Rights Filter
10) Deselect all values(NO boxes should be marked)
11) Return to main NWADMIN screen(HIT OK TWICE, I think)
12) Refresh the screen(Can be done by clicking on the tree name where
the user account was created)
13) The user account is GONE.

Execute some native Netware commands.  Try this one which will list all
detailed information on all users.
        NLIST USER /D
The newly created account is now missing.

Now try to assign a password to the account.
        SETPASS USERNAME
You get an error message stating that you must be a manager to change
the password.

Solution:  Unknown
Workaround:
To delete this account.  You must start the server in bindery mode.  Add
SET BINDERY CONTEXT command in AUTOEXEC.NCF(Note: You must set the
context to the one
in which the account was created).  Utilize the USERDUMP tool to ID the
account, if you have not done so already.  Next, use CHGPASS to change
the user accounts password.  Login in as that user, and reverse the
previous procedure to hide the user account.  Specifically, adding
PUBLIC and ROOT as trustees.  USERDUMP and CHGPASS are publicly
available tools.

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру