Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.
Solved
Automated password change in Netware 4.11
Posted on 1998-10-29
Since a few weeks I am a network administrator.
I would like to enhance security by automatically changing the user passwords twice a year.
Since we have over 100 users, I don't have the time to manually change each user's password.
So what I need is a simple way to change passwords (maybe a simple program that uses a
database file with user account and new password ?)
I tried to use the Winbatch language from WilsonWare, but
I have to supply the old password before I can issue a new one !
I know that , when logged in as supervisor or admin, you don't need to use the old password to enter
a new one, but I don't want to change all passwords manually. I want this done automatically !!!
Storing the passwords in a file is not a hole in security, because the file is protected by netware
security !!
I would like to enhance security by automatically changing the user passwords twice a year.
Since we have over 100 users, I don't have the time to manually change each user's password.
So what I need is a simple way to change passwords (maybe a simple program that uses a
database file with user account and new password ?)
I tried to use the Winbatch language from WilsonWare, but
I have to supply the old password before I can issue a new one !
I know that , when logged in as supervisor or admin, you don't need to use the old password to enter
a new one, but I don't want to change all passwords manually. I want this done automatically !!!
Storing the passwords in a file is not a hole in security, because the file is protected by netware
security !!
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
3
-
2
- +2
8 Comments
First, having new passwords in a file is a HUGE security hole. I would suggest setting a password expiration time together with a minimum length allowed. Don't forget to add intruder lockout (good idea is to lock out the account for 1 minute after one or two bad attempts - makes brute force crackers unusable), packet signing, and don't allow unencrypted passwords.
If you still want to set passwords your way, I would suggest writing a small application using the Netware API that will do the job for you.
I don't know anything about WilsonWare; however, you can change users' passwords WITHOUT typing in the old ones, IF you are logged in as admin or supervisor.
HTH, joe
If you still want to set passwords your way, I would suggest writing a small application using the Netware API that will do the job for you.
I don't know anything about WilsonWare; however, you can change users' passwords WITHOUT typing in the old ones, IF you are logged in as admin or supervisor.
HTH, joe
![[Webinar] Lessons on Recovering from Petya](https://filedb.experts-exchange.com/files/public/2017/7/11/dcb3272a-62a8-4274-a34e-d1771610ec3b.png)
In my network all people have to change her password each month. In the NDS you can chek a case how said Force Periodic Change Password and you can choice each year or each month ...
For a lot of people, create a group, assign all people at the group and change this parameter in the group
For a lot of people, create a group, assign all people at the group and change this parameter in the group
First, having passwords in a file IS a security hole, since the Netware security is not bulletproof - you can accidentally leave your workstation or server unattended, or perhaps there is one unhonest person on your box who knows a little more about Netware. And, it is a ten times bigger disaster if someone has all the passwords, instead of having just one or two.
Second, to your question - as I said above, it should not be too hard to write a utility that would change passwords. Details about Netware calls can be found e.g. in the Ralph Brown's Interrupt List, another good idea might be getting the Netware SDK (available from Novell free of charge.) - further details depend on which version of netware are you using, what compilers do you have available (Pascal? C, C++?), etc.
Joe
Second, to your question - as I said above, it should not be too hard to write a utility that would change passwords. Details about Netware calls can be found e.g. in the Ralph Brown's Interrupt List, another good idea might be getting the Netware SDK (available from Novell free of charge.) - further details depend on which version of netware are you using, what compilers do you have available (Pascal? C, C++?), etc.
Joe
It's a fairly strange requirement you have, which is most likely the reason why no one has suggested a commercial/shareware utility that will do the job. If you really must go ahead with it, you may find it easier to use Novell's ActiveX components with VB. The learning curve for the NetWare C/C++ SDK is fairly steep and it will take you a while to come up to speed. Just learning all the Novell typedefs is a huge task. If you're not fluent in C then forget it. It might be an idea to encrypt your password database. ActiveX components available from developer.novell.com.
Nobody didn't tell you, so in case you need some help...
First, I assume you have 4.11 Netware (3.12 is a security hole - it has no security)
To make all users change their passwords immidiatly (filename pass.ctl):
Run NWADMIN
Select all the users (or select a group)
Select Details on multipal users
Then make the changes you need (password expiration time together with a mnimum length allowed).
To change all the users passwords automaticly:
Create a text file which contains these lines (filename pass.dat):
Import Control
Import Mode = U
Fields
Name,Password
Then create another text file contains these lines:
<Login_Name#1>,<New_Passwo
<Login_Name#2>,<New_Passwo
<Login_Name#3>,<New_Passwo
<Login_Name#4>,<New_Passwo
ETC.
*You may use unlimited number of users.
Then log as ADMIN and run the command:
Uimport Pass.ctl Pass.dat
Now each user has a new password.
It would take no time to create a program which create random new passoword.
HTH,
Saar Carmi
saar@bigfoot.com
ICQ#: 3233305
First, I assume you have 4.11 Netware (3.12 is a security hole - it has no security)
To make all users change their passwords immidiatly (filename pass.ctl):
Run NWADMIN
Select all the users (or select a group)
Select Details on multipal users
Then make the changes you need (password expiration time together with a mnimum length allowed).
To change all the users passwords automaticly:
Create a text file which contains these lines (filename pass.dat):
Import Control
Import Mode = U
Fields
Name,Password
Then create another text file contains these lines:
<Login_Name#1>,<New_Passwo
<Login_Name#2>,<New_Passwo
<Login_Name#3>,<New_Passwo
<Login_Name#4>,<New_Passwo
ETC.
*You may use unlimited number of users.
Then log as ADMIN and run the command:
Uimport Pass.ctl Pass.dat
Now each user has a new password.
It would take no time to create a program which create random new passoword.
HTH,
Saar Carmi
saar@bigfoot.com
ICQ#: 3233305
Featured Post
ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.
One of a set of tools we're offering as a way to say thank you for being a part of the community.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
When trying to connect from SSMS v17.x to a SQL Server Integration Services 2016 instance or previous version, you get the error “Connecting to the Integration Services service on the computer failed with the following error: 'The specified service …
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"!
Step 1: Open a new google tab
Step 2: Go to the left hand upper corn…
Suggested Courses
Course of the Month8 days, 11 hours left to enroll
721 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.