Bugtraq mailing list archives
Re: Microsoft NT "un-removable user" Vulnerability.
From: Ben <bda20 () CAM AC UK>
Date: Thu, 7 Sep 2000 08:40:24 +0100
On Wed, 6 Sep 2000, Steve wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1After your email, I retested this in NT4 SP6a and it is still true.What build? Any hotfixes? I have re-tested this on three different NT 4.0 SP6a+all hotfixes and cannot replicate the issue. I will ask again, what custom user manager are you using?
We have an NT4.0 Server with SP5+all current post SP5 hotfixes. While I have been unable to replicate this user-specific bahaviour, I have noticed something concerning the ADDUSERS command included in the NT4.0 Resource Kit. If you use ADDUSERS and add the users and groups from a file, you're supposed to seperate the values for each user/group (name, home dir, profile path) with commas. My technician in her innocence used tabs. On reading in this file in we ended up with a group of the name TEMP|temporary group|jb100|js200|tr543 On trying to delete this group via the User Manager for Domains various errors cropped up claiming the syntax was invalid or the volume label was invalid. It took Hyena (http://www.adkins-resource.com/) to get rid of it. I wouldn't be suprised if the "custom user manager" he's talking about is Hyena.
If I'm using the command incorrectly, please let me know. I'm not sure how to escape characters in NT (I also tried "net user testuser\; /delete" and various other forms but none worked.Try a "NET USER /?" to get the proper syntax. I use "NET USER testuser; /DELETE and it works fine on my test boxes. I am going to toss my SP4 image on to a box later today and see if there is a difference.
With our setup we were also unable to remove this bad group with any of the command line utilities, resource kit or otherwise. Ben -- Sysadmin, Faculty of History, Cambridge University, England Tel: +44 (0)1223 (3)35315 | Email: Ben () hist cam ac uk Plugger of wire, typer of keyboard, imparter of Clue
Current thread:
- Microsoft NT "un-removable user" Vulnerability. John Lange (Sep 05)
- Re: Microsoft NT "un-removable user" Vulnerability. Steve (Sep 05)
- Re: Microsoft NT "un-removable user" Vulnerability. John Lange (Sep 06)
- Re: Microsoft NT "un-removable user" Vulnerability. Steve (Sep 06)
- Re: Microsoft NT "un-removable user" Vulnerability. Ben (Sep 07)
- Re: Microsoft NT "un-removable user" Vulnerability. John Lange (Sep 06)
- Re: Microsoft NT "un-removable user" Vulnerability. David LeBlanc (Sep 06)
- Re: Microsoft NT "un-removable user" Vulnerability. David LeBlanc (Sep 07)
- Re: Microsoft NT "un-removable user" Vulnerability. Steve (Sep 05)
- Re: Microsoft NT "un-removable user" Vulnerability. Jonathan Rickman (Sep 07)
- <Possible follow-ups>
- Re: Microsoft NT "un-removable user" Vulnerability. uh Clem (Sep 07)
- Re: Microsoft NT "un-removable user" Vulnerability. David LeBlanc (Sep 07)