Set Password Admin

We are trying to use the Set Password Admin utility.  Unfortunately, this product is free and unsupported from Novell.  If you are familiar with the utility you know that it allows a user to change passwords without having administrative rights.  We find this extremely promising to reduce the call volume to our Network Support team, by allowing the first level help desk personnel to reset users' passwords.

Here's the problem:  On our network we require users to use Unique passwords.  The setpassword utility doesn't work in this situation.  Here's why...  The utility changes the password to a default password hardcoded in the utility.  Then it uses the existing APIs to allow the SetPass Admin to change the password normally through a new tab in NWAdmin.  It is a new tab, but, like I said, it uses the existing APIs to perform the change of password.  The thing is that after one reset on a user's password, the setpass utility won't work anymore - since the hardcoded password exists in the password history for that user.

If anyone has found a work around for this - or even changed the code (C++ - available with the utility in the download) I would really appreciate their input.
LVL 2
calgerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JBirkmannCommented:
define a Group for the first level help desk personnel and
assign only the object property rights for changing unique passwords. The members of the group now can change the unique password property of all users.
If an user has forgotten his password, the help desk members have to change the unique password property, then they can use the change password admin utility, after that they have to reset the unique password property (to activ)
0
calgerAuthor Commented:
We have thought about that - but we don't want to have to constantly administrate this function.  As new sites are added (at the speed of 4-12 servers per week - whew!) we would have to constantly update these users' rights.  We want a one stop fix for this solution.  I guess the best thing would be if someone has modified the code, or could modify the code.  Or someone who knows of a similar utility.

I appreciate the thought!
0
saar2Commented:
I don't know how to slove your problem but anyway - it is strange.

Novell says that you must have rights to the user ACL to change its password - I can't understand how the program does it. If you realy can change the user password with no rights this mean a big hole in the security (a ragular user can change the admin user?!).

If you do have the rights for the ACL just use the Novell's Setpass:

Setpass <Username>

Where can I download this program?

Saar Carmi.

0
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

calgerAuthor Commented:
SAAR - The utility should be downloadable from the Developers site.  It was written up in a late issue of AppNotes.

There is an NLM that is loaded on one fileserver - this provides the hook into NDS.  It also requires a schema extension.  NWAdmin interfaces with the NLM and allows a common user with no rights to be able to change passwords.  The NLM changes the user's password to a common, known password and then the NWAdmin piece can change the password using the SETPASS API.  Since NWAdmin is already aware of the common password it performs this action:

SETPASS <Username> <Common Password> <New password as defined by the Setpass Admin> <Verify Password>

SAAR - I know you do programming.... do you know C++ well enough to modify the code if you had it?  And if so, do you have an NLM compiler?

Also, I have spoken with an SE at Novell - The original developer of this utility has left Novell.  A new developer in Europe has recently taken on this code and I have requested a code change from him.  But if someone already has performed this change, why reinvent the wheel?
0
calgerAuthor Commented:
0
calgerAuthor Commented:
I doubled the points since I'm asking for someone to actually do some coding.  If anyone thinks the number of points assigned to this questions is unfair, let me know - I have plenty to share......
0
calgerAuthor Commented:
My contacts with Novell are forwarding me a new revision of the code with the changes supposedly built in.  If anyone would like to see this code after I receive it, let me know via email.
0
calgerAuthor Commented:
The new revision of the code from Novell works.
0
jstegallCommented:
Check Darwin Collins web site:
http://www.fastlane.net/homepages/dcollins/welcome.shtml

N4pass is the utility I use, it can be configured to use random or fixed passwords and you can exclude users or groups from the
list it can change,  like Admin your backdoor user or anyone.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
calgerAuthor Commented:
Thanks!  I did look into that utility that you mentioned.  It does everything we need it to do, and more.....too much more.... haha

We're going to stick with the corrected utility from Novell - but thanks for the URL - we're keeping it in case we decide to expand the abilities of our Help Desk.

Thanks again!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Novell Netware

From novice to tech pro — start learning today.