Solved

NetWare 5.1 Password Questions

Posted on 2004-09-22
6
236 Views
Last Modified: 2012-06-21
Do you know of a password tool that will search for simple Novell username passwords and let us know if they don't meet our 8-character complex password requirement (numbers + letters)?  

Also, is there a password cracking tool that'll allow me to try and crack our user's current passwords to make sure we're secure?  I need to somehow export the user's passwords and test since I don't want to lock out accounts on a live server.
0
Comment
Question by:alfalibra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 34

Accepted Solution

by:
PsiCop earned 500 total points
ID: 12130141
These queries tread dangerously close to the limits of the EE Member Agreement. Even if I knew I password cracking tools for the NetWare environment, I wouldn't tell you that I did or tell you what they are. That's simply not done around here. If you have a legit need for a security audit, hire a legit security auditing contractor, or go to school to develop the necessary expertise.

There is no password cracking or password export in the NetWare environment. The passwords are not stored in plain text - they are encrypted, using a trapdoor algorithim. There is no way (in theory) to take an encrypted password and reverse the encryption to get the original password. Any cracks have to be brute-force, and that's what the Intruder Lockout function is there to prevent (you DO use Intruder Lockout, right?).

If you want to make sure all user passwords in your organization meet your 8-character minimum, that is simple:

1) Set all accounts to require a password, and to require an 8-character minimum, and to a limited number of grace logins
2) Expire the current password on all existing accounts

You may wish to exempt "service" accounts or accounts with a special purpose. Anyway, all users will be forced to change their password (if they don't, they'll eventually be locked out - how soon that happens depends on the number of grace logins you specify), and the new password will have to be a minimum of 8 characters.

There is, unfortunately, no ready way to enforce a password complexity requirement (only a length requirement) in the stock NetWare environment. You'd have to custom code that, or find someone who's done it in a open-source fashion. I don't know anyone offhand.

I think you will find the JRB Utilities (http://www.jrbsoftware.com) of a great deal of use as you audit your environment. You should invest in such a tool.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 12132558
What you should do, if you want to enforce strong passwords, is upgrade your NetWare.  NetWare 6.x, using the latest eDirectory version, can enforce strong passwords, limit password length (min and max), use a dictionary of common words to disallow their use, and more.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 12133325
I just mentioned a way to enforce complexity in the stock NetWare environment, by the way...
0
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

 
LVL 34

Expert Comment

by:PsiCop
ID: 12133375
He'd have to upgrade, but I confess I didn't know what about v6.5/eDir 8.7.3. Can you point out some docs on that?
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 12133545
It's part of the NMAS, which was rolled into eDirectory 8.7.3 - no longer a separate product.  If you look at the eDir 8.7.3 docs, it tells about it.  I'm kind of on hold, in the middle of implementing it.
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12133615
Ah. NMAS. We don't use it, so I never explored it. Thanks for clarifying.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
iFolder NetDrive with iFolder 3.8 4 977
novell 6 and groupwise 4 426
How to connect 7 337
How to log on a machine in XP mode in win7 8 571
Originally, this post was published on Monitis Blog, you can check it here . Websites are getting bigger and more complicated by the day. Video, images and custom fonts are all great for showcasing your product or service. But the price to pay in…
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question