 |
 |
Any way to remotely push mass admin/root password change?
|
|
|
|
|
Mac Enthusiast
Join Date: Feb 2001
Location: White Plains, NY
Status:
Offline
|
|
I'm a system admin and was wondering if there is any way to "push out" a password change (admin/root) on a large scale.
In other words, we have 150 Macs.... in the event the password for either ADMIN or ROOT (local accounts) is compromised, is there a way to change these passwords without having to go to EACH and EVERY desktop?
|
|
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Nov 2003
Location: SoCal
Status:
Offline
|
|
you could write a perl script to telnet into the machine using a NIS admin account, change the local admin password, and logout.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Nov 2001
Status:
Offline
|
|
You should use Open Directory passwords and then just change the policy so everyone has to change their password on next login.
150 Macs is a PITA to manage if you don't have any form of centralized management. You're learning the hard way -- this would take 4 seconds if you were using Password Server.
|
|
|
| |
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Sep 2000
Location: Louisiana
Status:
Offline
|
|
Catone,
I think his problem is that he has 150 macs all with an administrator account and all with the same password. He wants to be able to change the administrator (local account) password on all 150 machines at one time from one machine instead of going to each machine and changing the administrator password.
I know it can be done with the latest ARD and issuing a unix command to each machine, I think in the form:
passwd administrator
<newpassword>
<newpassword>
with this being run as root.
|
|
B&W G3/300 OS X 10.3 Server
AL G4/1.5 OS X 10.3
Next computer G5/3.X Ghz OS X 10.x.x
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Nov 2003
Location: Minnesota
Status:
Offline
|
|
Originally posted by jguidroz:
I know it can be done with the latest ARD and issuing a unix command to each machine, I think in the form:
passwd administrator
<newpassword>
<newpassword>
with this being run as root.
You might be able to do this with a shell script.
Does OS X use passwd, group, and shadow files the same way that other Unices do? You might also be able to script each machine to grab a centralized passwd file and merge it with the local one.
|
|
|
| |
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Mar 2000
Location: London, UK
Status:
Offline
|
|
Yeah but why not just leave root disabled and authenticate the admin user against Open Directory? 
(And no, OS X doesn't use the passwd file like other unices. It uses lookupd and Open Directory, which by default back onto NetInfo on client and Apple's LDAP-based system on server).
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Nov 2001
Status:
Offline
|
|
Originally posted by Angus_D:
Yeah but why not just leave root disabled and authenticate the admin user against Open Directory?
(And no, OS X doesn't use the passwd file like other unices. It uses lookupd and Open Directory, which by default back onto NetInfo on client and Apple's LDAP-based system on server).
I believe OS X *can* use the /etc/passwd file *if* you turn on BSD configuration files in Directory Access.
For true UNIX heads only, of course.
|
|
|
| |
|
|
|
|
|
|
|
| |
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
