jbasemultivalue-databasepickmultivalue
This is how D3 lists the accounts in the system.
SORT ONLY MDS WITH A1 = "D]""Q"
Not sure how to do this in jBASE.
This is how D3 lists the users that can log into the system.
SORT USERS
Not sure how to do this in jBASE.
This is how D3 shows the current user or a number of users with their port#, user-id, and account-name.
WHO
WHO USERID
WHO PORT#
WHO
jBASE does have a "WHO" command, but is there a way to see who the user is as well?
This is how D3 logs off a port.
LOGOFF PORT#
RESET-USER PORT#*
jBASE does have a LOGOFF, but not sure how to logoff the correct user/port.
This is how D3 shows the available verbs on the account.
LIST-VERBS
Not sure how to do this in jBASE.
When using jBASE LIST-LOCKS, jBase returns a PORT/PID.
How do I determine the User ID from the PORT/PID information?
Can you also point me in the direction to find jBASE documentation for these questions so I can avoid asking these questions of support?
List accounts in system.
IMHO - jBase accounts are more system related (windows or unix users) and jBase works around it's current working directory. However, in jBase you have the "SYSTEM" file, that you can list or "CT" (Copy to Terminal).
CT SYSTEM
Here again - all users that can have file system access to a directory with jBASE files can access it.
In jBase there is a good command to list all active users or "ports" - WHERE. If you use option "(V" you will also see all details what user is doing. You can also pass user no (port no) to "WHERE (V" command Another useful utility is mw42 - it shows all jBase processes (active users)
WHERE (V port_no
jBase does have LOGOFF command - you pass PORT No as argument. There is also jKill command to kill jbase process
LOGOFF port_no
I think this is what you need - to list Verbs from VOC (or MD):
LIST VOC WITH F1 EQ "V"
LIST MD WITH F1 EQ "V"
It's better to use SHOW-ITEM-LOCKS, but the user id you will only see from WHERE (V command
Most of the jBase documentation is here: https://docs.jbase.com/
Accounts in jBASE are different than on D3, in that they were originally associated with a system user and logged into directly, rather than via a LOGTO.
At a later date, "LOGTO" was implemented, so it is now also possible to create accounts in jBASE just as you might in D3, and entries for these would be found in the designated SYSTEM file.
There could potentially be more than one of these SYSTEM files, however. In each case, any SYSTEM file being used will be "pointed" to by the JEDFILENAME_SYSTEM environment variable for the "account" into which your are currently logged.
In jBASE, users are generally defined for the system rather than for jBASE, i.e. those that are defined as users and can log into the system via Telnet/SSH/Console etc.
The jBASE WHO returns both the port number of the logged-on user name.
jBASE just uses LOGOFF port#.
WHERE port# will return the PID associated with that port
There is no jBASE equivalent, but you could get a rough idea by running:
SORT MD WITH *A1 EQ "t"
this will list keywords/connectives as well.
Again, "WHERE port#" should give you the information you need.
There is also a verbose option, i.e. WHERE port# (V
I should note that these answers related to the Zumasys jBASE version and not the Temenos TAFC version, as there may be some implementation differences.
Mike
LIST-VERBS is really just this that shows the executables provided by jBASE:
Windows: LIST %JBCRELEASEDIR/bin
Linux : LIST $JBCRELEASEDIR/bin
Related
I have a powershell script that runs automatically thanks to a taskscheduler and its purpose is to take the version of all the softwares of the system in order to make a list and to quickly have an overview of the versions that are outdated. The problem is that in order for it to run at any time, the script is assigned to the SYSTEM user. However, some applications are only assigned to one user and SYSTEM cannot find them in its HKCU key.
So the question is, how can I list all the content?
Thanks in advance
You will need to load their hive first
REG LOAD HKEY_Users\johnshive "C:\Users\john\NTUSER.DAT"
You can then address their hive via powershell e.g.
Get-ChildItem -Path Registry::HKEY_USERS\johnshive
If the person is logged on, you have to go into HKU and find all registry keys that end in "_Classes". Then remove the "_Classes" from the end of those keys and that is the list of possible keys that belong to the user. If there is only one, and you know the person is logged on, then that is probably their key. But if there is more than one, then you have mostly empty ghost copy/copies where windows failed to fully unload it. Afaik, the ghost copies will not have the subkey "Volatile Environment" with the value "USERNAME", but I have suspicion that this isn't a true statement. I've had PsLoggedon.exe report two users logged on, but only later did I learn PsLoggedon.exe uses HKU to find who is logged on (not sure what subkeys and values it uses).
But if the user is not logged on, don't even go down that road unless you are a very detailed oriented person. If you load their registry hive, do your work, and forget to unload their registry hive, you will lock their registry hive file, Windows will think the profile is corrupt, build a new user profile, user will log in finding Documents folder empty and think their files are gone. I did a lot of experiments injecting mapped network drives into registry hive files of test users before I ever did that on an actual user profile.
I have a machine which I want to find where my password hash is stored.
the set command returns details about the account and shows that it is connected to a domain however it doesn't show in net user. As well as this on advanced system settings -> User profiles the account shows as type: local and Status: local.
It seems to be a domain user however windows doesn't think it's on a domain.
Because of this searching for hashes has only brought up dead ends. They aren't in the SAM file and they aren't in SECURITY. I also tried password recovery software and the account simply didn't show.
I could see the correct hash through sekurlsa::LogonPasswords full - specifically serkurlsa::msv with mimikatz but now I would like to know where they are stored.
I know they are cached somewhere as I can login without internet, so I think I'm specifically looking for this file.
A brief search of the command suggests they are in the SAM database but I know they aren't.
Any assistance would be appreciated.
I'm working on a System Service project with SYSTEM privilege (cleaning utility)... It does not interactive with any user interface.
My goal is to check files in "Desktop" and "AppData" folders for any user that exists on the PC.
I'm using NetUserEnum() to get the user list on the PC. Then I want to get the path of each user's Desktop and AppData with SHGetKnownFolderPath(), but I can't find a way to get each user's access token for SHGetKnownFolderPath(). Without a token defined in SHGetKnownFolderPath(), it returns the path for SYSTEM and not specific users.
Q1. How can I get the token of each user for SHGetKnownFolderPath()?
Q2. If no answer for Q1, is there any documented way to get the desktop & appdata path of each user in the PC?
I understand this can be achieved with dirty way ---> Registry key with some string replacement. However, the Registry key method is undocumented, which may easily break in future updates to Windows.
Edit Update:
#RaymondChen Thanks for pointing out that some user profiles may not exist. Also,
About Q1 : #Remy Lebeau provides a solution with LogonUser/Ex(),login to each user with their credentials,might be the only answer that fits the need of Q1.
About Q2 : There might have no documented way to achieve this. The only method might have to stick with Windows Registry (Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders) , as #Remy Lebeau and #Olaf Hess said. I tried to dig more information on Microsoft Community Forum and I got Microsoft would never allow access other users' profile with their native API for security reason. They do not provide APIs that can possibly violate the security rules. Each user profile can only access by its credentials.
btw, I totally understand that "Cleaning utility" aka "Windows-breaking tool", especially when the tool is not being well codded(ex. compatibility problem). For the sake of avoiding to make it become a totally Windows-Destroyer, I tried to use more documented API as possible.
For Windows Vista with SP1 / Server 2008 and better you can query the existing user profiles using the WMI class Win32_UserProfile. This allows you to retrieve the profile path and check whether it is a local or roaming profile and to get status information. The rest (retrieving the paths to APPDATA, DESKTOP, etc.) is likely going to involve reading values straight from the registry (HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders or HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders).
First of all, I realize this is a messy situation, but it's not of my design, and I'm just trying to help, and for that I need your help.
App A is getting installed automatically via SMS installer under the Administrator account, not the PC owner's User account. App A has a registry key defined in HKEY_LOCAL_MACHINE hive.
After App A is installed, we want to edit the above mentioned registry key, to assign the User's C:\Users\USER_ID\Documents\ folder (I'm told we don't don't know who the user is and don't have access to USER_ID during step 1).
I know all about UAC, Application Manifest, and requestedExecutionLevel. However, I'm told we can't expect that all users will be in the Administrators group on their machine.
Solution must be backwards compatible with Windows XP as well.
I'm searching for options to get `C:\Users\USER_ID\Documents\' into the 'HKEY_LOCAL_MACHINE' hive under the above listed conditions.
I found this thread that might be related to a similar situation, but I don't fully understand it yet (so I will give credit to anyone that explain it better):
Find out (read) logged in user in a cmd started as a different user
I also read something that rules out ClickOnce:
Clickonce + HKEY_LOCAL_MACHINE
After App A is installed with admin privileges you are trying to run an additional script as the local user who does not have admin privileges . In order for your secondary script to write to the local machine key it will have to be run with administrative privileges ..period. That said, you have basically two choices:
1) Use the RunAs command to run the script with elevated privileges and have the user type in a admin username and password to run the script with elevated privileges.
2) This is the better way imo - Since SMS is being leveraged as the delivery tool, use its capability to detect and use local client configuration settings to write the key at the time of installation.
So basically the SMS package would have to be setup to run only when the local user logs on one time so that SMS can grab the current user and write it to a file somewhere.. after that is completed SMS can run a separate package as the admin (user will get prompted) to do the software install looking for the file containing the user and then consequently updating the local machine key to the correct user my document path.
Enjoy!
Is there a way to enumerate all users on a local (NT-based) Windows box that can log in locally? Basically, I need a list of non-system users - this includes Administrator but excludes SYSTEM, LOCAL SERVICE and NETWORK SERVICE.
Edit: Yes, I need to do this from code. Since this is a programming website, I thought this was implied.
NET USER
[username [password | *] [options]] [/DOMAIN]
username {password | *} /ADD [options] [/DOMAIN]
username [/DELETE] [/DOMAIN]
NET USER creates and modifies user accounts on computers. When used
without switches, it lists the user accounts for the computer. The
user account information is stored in the user accounts database.
Did you want to do it from code? The following discussion might help: http://www.codeproject.com/KB/system/EnumerateLocalUser.aspx
Simply use Net apis.
See MSDN samples
You can use NetQueryDisplayInformation API, combine with bitwise check on user info flag. I have exactly same requirement, so I cook a sample code (modified from MSDN GROUP query).
The user flag I used are UF_NORMAL_ACCOUNT UF_ACCOUNTDISABLE UF_PASSWD_NOTREQD ---> this ensure we get Human account, Human account always requires password.
working code at: http://www.cceye.com/list-system-normal-user-account-only/