Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Deleted admin account

Status
Not open for further replies.
JohnHoward

JohnHoward

Technical User
Jan 15, 2001
19
0
0
GB
The admin account has been accidently deleted on one of our Netware 4.11 servers.We now have no users who can create new users etc even though certain users previously had admin rights. Anyone any ideas on how we can bring it back?

Cheers

John
 
Sort by date Sort by votes
If you know what the original Admin password was you can log in using a bindery connection as SUPERVISOR. You may be able to recover or recreate your admin user this way.

I was under the impression that you could only delete the admin account if another user existed that had admin rights. Any users that were set up as security equivalent would loose admin rights at this point.

 
Upvote 0 Downvote
Nope that was the first thing I was told to watch out for was that it was possible to delete admin rights in the NDS rights.They said to always have one user as a back up with full rights.
 
Upvote 0 Downvote
Check out emadmin and recover1 on the NLM's page at Dave's Novell Shareware page.


Let me know if these work, I would try myself, but I don't have a sandbox server currently that I'm willing to try them on.

-Mike
Michael A. Dontato MCNE, MCSE, CCA
mdonato@site-technologies.com
 
Upvote 0 Downvote
Thanks for the tips guys. Its looks like this will be our only option. Does anyone no if when using these NLM's if you need to re-apply the service packs or patches afterwards?
 
Upvote 0 Downvote
If you do have someone with admin rights you could try removing the IRF supervisor block.
 
Upvote 0 Downvote
We are going to try using the Genesis software provided by but we need to update the support packs first. I will post the outcome here.

Thanks for all your help

John
 
Upvote 0 Downvote
Hi

We have tried most of the utilites available ie makesu.nlm, genesis etc and they all failed with cannot load symbol errors due to the fact we didnt have the latest support packs loaded before this happened. I have managed to create a user with supervisor access using burglar.nlm but this doesnt have the object rights to the tree so we still cant create users etc.

Anyone have any ideas on how we can assume these rights?

Thanks

John
 
Upvote 0 Downvote
You can (if you have a set of reliable backups) is backup your current data, then do a FULL restore including NDS from an old tape where the admin user still exists, then do a partial restore of the old data. This way you'll only lose changes in NDS, but none of your data.
Do you still have a supervisor user? That user should be able to perform most (if not all) admin functions.

Once you get this mess fixed, here is what I recommend you do: What we have done in our company is use the "supervisor" account for network administrators. We have modified the rights of the supervisor account to be admin - with one exception. The "admin" account is actually superior to all the supervisor users in our tree and the password for the account was selected and entered by our company president, then put in a sealed envelope, and then in the bank vault. This allows the network admins to do their job, but the company's board of directors ultimately have full control over everything if some disgruntled employee decides to change all the supervisor passwords. A lot of trust is placed in the network admins, and this gives the company brass the peace of mind that they have full control if they need it. In fact, none of our company brass knows the admin password or the supervisor password. And that prevents people from going in and screwing things up, either purposely or accidentally.

The practice of giving users any supervisor/admin access through their every-day accounts is asking for trouble. Now you know why. The network admins in our company have their own personal account, with the exact same rights as everyone else. When they need to do network admin work, then they use the supervisor account and password, which incidentally is the same throughout the entire company. If somebody were to leave their computer unattended when it was logged in as supervisor, you are inviting disaster!

 
Upvote 0 Downvote
Guys.

We now have administrative rights back.We used the makesu.nlm from dreamlan.com and that recreated a new admin user with rights to the tree. Its cost $99 but it was money well spent.

Thanks

John
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

maybeimaleo
  • Locked
  • Question
Multiple logon id's for one account? 1
Replies
4
Views
70
maybeimaleo
maybeimaleo
ZABARVAN
  • Locked
  • Question
the user account does not have permission to edit site configurations
Replies
0
Views
23
ZABARVAN
ZABARVAN
andrewfr
  • Locked
  • Question
Sub admin role - NetWare 6.5
Replies
1
Views
34
marvhuffaker
marvhuffaker
sergeys
  • Locked
  • Question
How to find out who deleted published application?
Replies
2
Views
45
sergeys
sergeys
SSShine
  • Locked
  • Question
NDS Admin object Deleted
Replies
3
Views
43
TheLad
TheLad

Part and Inventory Search

Sponsor

Back
Top