re-enstating a retired account

re-enstating a retired account

Post by Raymond Doetje » Mon, 18 Sep 2000 04:00:00



Hi,

We always retire persons when they leave.
However no a person comes back so I want to re-enstate him.

However I when I remove *Retired from the password field en even after I
run convuser (which can sometimes also be problemtatic :) )
It still is listed as Riteried in the accountmanager GUI and the user
is'nt allowed to login also.
I even deleted that account and build it up the way it was before and
still it is retired. How can I re-enstate him???

I use Encahnced security features.

Raymond

 
 
 

re-enstating a retired account

Post by Stuart R. Full » Wed, 20 Sep 2000 04:00:00


: Hi,
:
: We always retire persons when they leave.
: However no a person comes back so I want to re-enstate him.
:
: However I when I remove *Retired from the password field en even after I
: run convuser (which can sometimes also be problemtatic :) )
: It still is listed as Riteried in the accountmanager GUI and the user
: is'nt allowed to login also.
: I even deleted that account and build it up the way it was before and
: still it is retired. How can I re-enstate him???
:
: I use Encahnced security features.

/tcb/bin/edauth user-name

Remove the "u_retired" field.  Exit the editor.  Set the password.

        Stu

 
 
 

re-enstating a retired account

Post by TFL » Thu, 21 Sep 2000 04:00:00


I would suggest rebuilding him with a different UID ..


Quote:> Hi,

> We always retire persons when they leave.
> However no a person comes back so I want to re-enstate him.

> However I when I remove *Retired from the password field en even after I
> run convuser (which can sometimes also be problemtatic :) )
> It still is listed as Riteried in the accountmanager GUI and the user
> is'nt allowed to login also.
> I even deleted that account and build it up the way it was before and
> still it is retired. How can I re-enstate him???

> I use Encahnced security features.

> Raymond

 
 
 

re-enstating a retired account

Post by Tim Moon » Fri, 22 Sep 2000 04:00:00




> On Sun, 17 Sep 2000 15:30:07 +0200, Raymond Doetjes

> >We always retire persons when they leave.
> >However now a person comes back so I want to re-enstate him.

> >I use Encahnced security features.

> Can't do it.

:-)  Phooey.  *Shouldn't* do it, according to the C2 spec.  You *can*
do it, though.  The magic bit that says the account is retired is in the
C2 entry for that user.  Just use `edauth' to look through that person's entry,
and find the field that specifies it's a retired account.

        man 4 prpasswd

may help.  Now if only `userdel' could be taught to actually delete users
under C2. Even if it required you to specify an option like

 -x i_dont_care_about_c2_requirements_just_delete_them

it would still be better than the current situation.

Tim
--

Information Technology Services         (701) 231-1076 (Voice)
Room 242-J1, IACC Building              (701) 231-8541 (Fax)
North Dakota State University, Fargo, ND 58105-5164

 
 
 

1. Retired Users - any way to know who retired them?


: 1) Can a user other than root (or with root privileges) retire another user?

Yes, a normal user could retire another user if the normal user had the right
subsystem authorizations like auth for example.

: 2) Is this information tracked somewhere?

Nope -- Don't think so.

Steven
--
Steven Bradley                   121 Cambridge Drive, Longwood, FL  32779-5707

"And all things you ask in prayer, believing, you shall receive."   Matt 21:22

2. Linux & P55SP4

3. Mail still coming on Retired accounts!!

4. Sorry, test

5. Bouncing email on retired accounts

6. Unix System Admin Needed - Boston, MA

7. Are user accounts still 'retired'?

8. My Mouse Is Lame (and so am I?)...

9. Account RETIRE on SCO Unix 3.2.2

10. Retired accounts

11. How retire hard isk

12. retire Linux drive

13. Dec Unix Retire User ?