Deleting admin account in ObjectGears - administrator

After starting ObjectGears the first time I created administrator as the first user. I configured everything with this user and then imported other users.
Now I do not know if I can delete this user. I do not want to lose admin access.

You can delete it. The fact that some account is admin is set in the file web.config in the parameter AdminLogins. So admin can be anybody who has the account included here.
You can also leave this parameter blank and then nobody will be able to change any configuration in the instance, supposing you also delete model owners.

Related

Can't launch Wakanda server. Force prompt an admin access

I have a solution where I had a user1. I have added this user to the Admin group to give him access to the server. Then I changed the name to admin and set the password to admin1234. Then when I start the server and it asks for the pass, I enter the new one but it doesn't work. So I removed my user and created a new one, still the same... I removed all the users and have only the default Admin group with no user, but it is still impossible to run anything. I always get asked for the admin pass when I have no user in the directory.
I have tried to do a custom required.js function, I have tried with the basic settings... I tried everything but I can't make my project run.
Does anybody have an idea of what I should do to fix this problem?

Try to remove the admin user, kill the server process and then create a new admin user.
I had the same issue a long time ago and this worked for me.

Magento. Can't login Admin, after domain move

Just had Magento moved from one domain to another, but can't log in the admin, even though I could earlier in the day.
I have full access to the DB via phpMyAdmin.

Fixed. Changed the password to MD5 within the database and it seems to let me in.

Ion-auth: Switching from an admin to a user account

I'm very new to ion-auth so apologies in advance if this is a dumb question.
I have a feature request from a user (an admin) where they would like to be able to switch into another user's account to see the app from their point of view. The use-case here is that the admin would find the user in question's account in our user admin page in the app, then click a button to effectively 'become' that user.
Any ideas how this would be achieved?
Many thanks
Pete

@Pete,
What you're asking for is what is sometimes called "hijacking" the account.
There isn't currently a feature for that, but essentially what you need to do is:
1) destroy the current session
2) rebuild the session as the user you want to hijack
3) make sure the logged_in session variable is also set.
Passwords are all hashed, but I think it would be pretty straightforward to write a login function for yourself that doesn't go through the password hashing as part of the login steps.
In other words,
1) log out
2) look up the user id's username & password
3) login directly with that password, not a hashed version
Of course, you'll want to be very careful about your security.

You need to alter the users_groups table, adding a "status" field, in order to set the current user_group to true/false.
Then, upgrade the model with a function that does the following:
Get the current group and set its status to false.
Get the new group and set its state to true.
Redirect to the home page of the selected group.
With this change, you can regenerate all the user's data session and navigate as the selected user.
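
The session-rebuild steps discussed in the answers above, as an added example that is not part of the original posts and does not use ion-auth's API. It uses native PHP sessions; the function names, the `impersonator_id` key and the in-memory `$users` array are assumptions made for illustration. It rebuilds the session from the user ID after an admin check, so no password is looked up.

```php
<?php
// Added example, not ion-auth code. All names here are hypothetical.
// Constructed sample user store; a real app would query its users table.
$users = [
    1 => ['username' => 'admin', 'is_admin' => true],
    7 => ['username' => 'pete',  'is_admin' => false],
];

// Wipe the session, issue a new session ID, then log in as $id.
function rebuild_session(array $users, int $id): void
{
    $_SESSION = [];
    session_regenerate_id(true);   // the old session ID stops being valid
    $_SESSION['user_id'] = $id;
    $_SESSION['username'] = $users[$id]['username'];
    $_SESSION['logged_in'] = true;
}

function start_impersonation(array $users, int $targetId): bool
{
    $actorId = $_SESSION['user_id'] ?? null;
    // Only a logged-in admin who is not already impersonating may switch.
    if ($actorId === null || empty($users[$actorId]['is_admin'])
        || isset($_SESSION['impersonator_id']) || !isset($users[$targetId])) {
        return false;
    }
    rebuild_session($users, $targetId);   // no password is read or compared
    // Keep the real actor so actions stay attributable and the switch can be undone.
    $_SESSION['impersonator_id'] = $actorId;
    error_log("impersonation start: admin=$actorId target=$targetId");
    return true;
}

function stop_impersonation(array $users): bool
{
    $adminId = $_SESSION['impersonator_id'] ?? null;
    if ($adminId === null || empty($users[$adminId]['is_admin'])) {
        return false;
    }
    error_log("impersonation stop: admin=$adminId target={$_SESSION['user_id']}");
    rebuild_session($users, $adminId);
    return true;
}

session_start();
$_SESSION = ['user_id' => 1, 'username' => 'admin', 'logged_in' => true]; // constructed login
$switched = start_impersonation($users, 7);   // admin switches to user 7
$nested   = start_impersonation($users, 1);   // second switch while impersonating
$restored = stop_impersonation($users);       // return to the admin account
var_dump($switched, $nested, $restored, $_SESSION['user_id']);
```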

AD group membership not showing change event when user is deleted

I have an application which uses Dirsync to monitor the changes in AD. When I add/remove users to a group, AD creates an event for it. But when I delete a user from AD, it only creates a changelog for user deletion. I don't get a changelog for "user removed from a group".
Are there some settings I can enable to view these kinds of changes too?

When you delete a user, they are not automatically deleted from the group. Their SID is left lingering in the group membership unless you manually remove it. This happens to access controls as well: if you gave permission for a share to that user, you'll see a SID with no user information left on the share after you delete the user.
My organization adopted the policy of disabling users and moving them to a "Terminated Users" OU with a GPO attached that makes their session unusable if someone managed to re-enable the account. This allows us to avoid dangling SIDs and not have to worry about doing a full audit of group membership every time an employee leaves.
If you wish, you could do an audit once a year where you remove all permissions for a user, then delete the user, but I don't really feel it's necessary.

Strange folder creation in windows

I need some help in understanding a problem. Here is the scenario. We have a windows domain controller machine and several machines in that domain. (Everything in windows 2008). In one of the machines in that domain (machine name AlphaSiter) our own custom java based product is installed. To log on into our product, you have to provide a user/password combo which is validated against the active directory. Now here is the scenario.
Log into the domain controller and create a user (say David) in the active directory and set the “User must change password in next login option”.
Go to the machine called AlphaSiter where our custom product is installed and try to login to our product with the newly created user credentials and then change password successfully.
The side effect is that in the AlphaSiter machine in C:\Users the user folder is created, that is c:\Users\David. Also this folder is only created if at the time of user creation the “User must change password in next login option” is set. This user folder is not created if the option is unchecked. We are not creating the folder programmatically from our code. So I am wondering how this folder is getting created. Is it something that Windows does internally?
Any help on this would be appreciated as I have to give explanation to our customer ---:)

The user's profile folder is always created when there is some profile information that needs to be stored. It may be some registry settings in HKCU hive.
You can use RegMon to track registry activity.
