> I need to set up a system whereby someone who does not have security officer
>  type access can re-set someone's user id.  Not change the password or
>  anything - just re-enable it.  Anyone have an example that can achieve
this?
>  In particular, this needs to be initiated from a PC program if possible.

You might check the archives of this list & Security/400.

I vaguely remember that someone shared a program once in which certain
changes would be made to user profiles in which a user without command line
access could run a program that adopted authority, because you do not want
people given that authority then going other places with it.

When MIS is given the chore of re-opening access, we invariably are
interested in the question of what caused the access to be closed in the
first place & this can show us that there has been an intruder incident, or
some equipment was not set up correctly, or something is in need of repair,
or we have a new employee whose computer education was denied.  So then we
fix whatever the problem is.

The big problem of course is that when you have brain dead people asking
other brain dead people to do things, you pretty soon do not have any worth
while security.

We get phone calls from people trying to spoof our security.
MIS errs on the side of caution ... WHO THE HELL ARE YOU & WHY DO YOU NEED TO
BYPASS OUR SECURITY?

A receptionist type person is likely to err on the side of letting HACKERS
GET IN.
"I am manager at X site & I need security access for my new employees." and
the receptionist person has no idea that the caller is in fact a person with
no such authority.

MacWheel99@aol.com (Alister Wm Macintyre) (Al Mac)


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.