Results 1 to 14 of 14
  1. #1
    azrail
    Guest
    Exclamation NetInfo and password creation
    I posted this in the OS area, but I think this is aslo a forum this should be in.

    I am attempting to write a script that (when run only by root) will be able
    to create a user with a password. Now this dosent seem hard, except that
    the creation has to be done with out interaction from the user. Hence the
    command 'passwd ' is out. So I found that in
    Code:
    /private/usr/db/shadow/hash/gnereateduid
    is where the password is stored. I am wondering how to generate that
    password. In the netInfo database if

    passwod_authentication is set to ;Basic;
    then a htpasswd -nb passwordhere

    stored in the passwd field works. And as I have heard this is the standard
    for pre 10.3 versions of X. But 10.3 now allows the ;ShadowHash; option
    for authentication. And I am wondering how to generate that
    ShadowHash'd password.

    Any help would be awesome, even if it's "I dont know at all" would be cool.

    Thanks

    --
    Dave Walker

  2. #2
    NetInfo and password creation
    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    I'm firstly wondering why you want to have a script to create a user - are you just trying to automate the process to skip steps? The creation of a password by script would have to be a string generator, I would think. Seems a bit of a bother for an app rarely used

  3. #3
    azrail
    Guest
    The purpose is to have a - root level - account on all the machines with different passwords. So in the event we need to go to a user, and they forget their administration password, we always have a user to fall back on (via the install cd to reset the password). The password is got via a perl script that genereates a random 64 character password.

    The purpose to the password, is that each admin account has a different unknown password, so in the event someone found it, or hacked it.. it would be for that machine, and only for 1 day.

  4. #4
    NetInfo and password creation
    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    There is a similar back up password in file vault

  5. #5
    azrail
    Guest
    I do not believe what I am looking to do is for file vault. I am not trying to protect the home directory. I am trying to create a seprate entity in the NI database.

  6. #6
    NetInfo and password creation
    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    You mean like a new user with low level permissions?

  7. #7
    azrail
    Guest
    Yes, I want to create a new user, via the command line. And be able to
    set that users password with out being prompted/have any interaction
    from the end user.

    Dave

  8. #8
    NetInfo and password creation
    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    This can be done - from an article I found:
    #!/bin/sh
    if [[ -z $1 ]]; then
    # robg note: Please enter the next two lines as one without
    # any spaces between the "/" and the "R"
    /System/Library/CoreServices/Menu\ Extras/User.menu/Contents/
    Resources/CGSession -suspend
    else
    USERID=`id -u $1`;
    if [[ -z $USERID ]]; then
    exit -1;
    fi;
    # robg note: Please enter the next two lines as one without
    # any spaces between the "/" and the "R"
    /System/Library/CoreServices/Menu\ Extras/User.menu/Contents/
    Resources/CGSession -switchToUserID $USERID
    fi;
    hope this helps!

  9. #9
    azrail
    Guest
    no i am not looking for fast user switching, via the command line. I am just looking to set a users password via the command line, with out anyone interacting with that password.

    I looked through the passwd source, and see that there are calls to ni_* but the ni_* functions do not seem to be available (Apple code???) I did this to see if i could take out the new password: and re-enter new password promompts, and just add another command line argument that passwd would take... ex: passwd user password and it would set that users password with password, and not prompt for anything.

  10. #10
    NetInfo and password creation
    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    So what you need is to be able in interpret the password un hashed in the CLI?

  11. #11
    dr_springfield
    Guest
    use sudo chpass -a

    You asked about the 10.3 hash... how it's generated...
    The first 64 chars are NTLM MD4 hash, used for File sharing (samba)
    The remaining 40 chars are SHA1 hash.
    Not that it's related to your question, since if I understand your question correctly, chpass should do it for you.

  12. #12
    azrail
    Guest
    Alright, that is almost what I am looking for (if those are the right specs). chpass dosent quite do what i am looking for, or it dosent look like it does. I guess that is good enough help. Now to figure out how to generate the NTLM MD4. openssl takes care of the sha1.

  13. #13
    NetInfo and password creation
    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    If you find out something more about root access and control of user/password from the CLI, I would very much appreciate a post

  14. #14
    mhaury
    Guest
    OSX 10.3 Password on CommandLine - A Solution
    Hello,

    this script creates a password on the commandline, however you have to use 'expect' to create the password via:
    passwd -i netinfo username

    You can either run directly an expect script or wrap it with zsh...

    I pass the parameters via the command line
    ------ start script
    #!/bin/zsh
    username=$1
    password=$2

    expect<<EOF
    spawn "passwd -i netinfo" $username
    expect "ssword:"
    send $password\r
    expect "ssword:"
    send $password\r
    expect eof
    EOF
    ------ end script

    Hope that helps... I lost about 2 days to find this out....

    Best M.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Any way to undo new account creation? (lost password)
    By dureel in forum OS X - Operating System
    Replies: 2
    Last Post: 03-30-2014, 11:33 PM
  2. Password not working for initial account creation
    By aj4ck in forum Switcher Hangout
    Replies: 2
    Last Post: 08-10-2012, 02:05 PM
  3. unknown accounts in netinfo user list
    By urbanscrawl in forum OS X - Operating System
    Replies: 3
    Last Post: 03-14-2009, 08:04 PM
  4. using NetInfo Manager to point to home folder on separate drive
    By frank_spencer in forum OS X - Operating System
    Replies: 0
    Last Post: 02-16-2009, 09:07 AM
  5. NetInfo Manager needs Internet access?
    By hagen in forum Internet, Networking, and Wireless
    Replies: 6
    Last Post: 11-01-2006, 05:48 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •