Enea OSE: Password Expiration - How to Check, Set, or Modify - passwords

I am running Enea OSE 4.6.1 on a system that I have and every so often (sometimes a few days, usually several weeks), I am asked to change my password by the system.
I am wondering if there is a way to check the expiration date of my password, or modify said date. I do not enjoy having work to do and being surprised with the expired password. The end goal is to write a script to check the password expiration so I am aware beforehand.
I searched through some of the OSE Documentation I have on hand and did not see much about passwords (I do not have every PDF). I also checked through some of the source code and the validation process but see no mention of expiration, dates, or change. Finally, I was able to secure a list of all pre-configured command line commands and none of them mention (expiration) date for passwords. There is a command to change password but it mentions nothing of time or date.
I believe there is a way to create my own custom command line command I found in one of the OSE manuals, but in order to do that I will need to know where password expiration is stored.
Any information would be greatly appreciated as I know OSE is not too widespread. Thank you in advance.

Related

Logging the last time user signed in Node.js

I need to log the last time the user signed in using my node.js server. I am looking into three options. The persistence requirement is not super high, meaning that the margin of error of this record being recorded is open.
Use SQL DB and whenever the user logs in it modifies their profile account.
Record it in a server text file. So whenever the user logs on, this file will be opened and updated. The opening, recording and closing of the file will all be done asynchronously.
I'm thinking that the second option is the better on because I'm using SQL for many other operations so I prefer to not interrupting my DB as much as possible.
One concern I have for the second option is the performance hit on the server that will be caused by the frequently read and write to a local text file.
I'm curious what other people who have gone through this path thought about my thought process. Any opinions or tips are highly welcomed. Thank you.
Normally you should use a SQL database, it is a much more better way than the plain text.
The main problem with a text file is that when you log in, you can simply append a line (but what about a couple of user loggin in at the same moment ? You have not any warranty that all the access are logged), but when you want to extact the last login for a user, you should read (and then load) all the file from the start (or the end), which can cause a really worst problem than the access to the DB.
Naturally you can work out all the problems with a text file, but then you have written a lot of code to avoid a simple update query.
I don't think that, with the information you give, you should be worried about the performance of a database access in this case.

Set Application Expiration Date

I have a VB.NET application that I would like the user to be able to run for a fixed period, then have it switch to a partially restricted mode. I have the code in place to do that, as well as code to encrypt data. What I need is to be able to track the date the application is first used. And have the date saved somewhere and in a format that the user is not likely to be able to reset it. Is there a preferred way to do this, such as some obscure Registry key?
If it 100 percent requires this, then you need to store the information in your server. This is quite hard to do. If it doesn't need to 100 percent high security, you can use Settings in your application, or the registry. Here is a good tutorial on using settings in your application: http://www.dreamincode.net/forums/topic/72654-using-settings/.
If you want to use the registry, then here is a good tutorial on that: https://msdn.microsoft.com/en-us/library/85t3c3hf.aspx. Note that using the registry requires administrator privileges.

expire application after 1 year span from client PC, No internet is available on client PC

I have one vb.net windows application and I want to deliver it to my client with 1 year validity.
After one year this software will automatically stop working or ask for renewal.
The client PC doesn't have internet access.
Please tell me the secure way for this.
When the program is installed, have it set a registry value with the current date. Then, on every subsequent program start, have it check that registry value against the current time. If more than a year has passed, do whatever you plan on doing to lock up your application.
This post has some excellent info on the specifics of adding, modifying, and accessing registry values in vb.net.
Check the date.
If dateToday > dateProgramSold.AddYears(1) Then
'open form that cant be close saying program is expired
End If
When the program is installed, it should ask for an registration key (they could get it by email, print it off and type it). The key should contain the last day of validity (encrypted). Store the key in the registry (or somewhere else). When the program starts, you check the date inside the key.
If they re-install the end date will stay the same.
When they want to update, just send a new key by email or mail.
The amount of security you put into just could depend on how much you trust the company. Because they could always decompile and crack your software.
I needed to do this for a program I wrote. My final solution included the resolution that you can't be 100% foolproof, so I considered my users and did the best I could with what I had.
Without access to the internet, how does the computer know what date it is? It has to rely on user input for it. So if a user can input it, then a user can change it. There is no foolproof way to get an accurate date from the PC without the the user having access to it. Whether from the OS, the BIOS, etc.
So what I ended up doing was putting an obfuscated key into the registry in an obscure place. HKCU >> Software. I made the key just some letters and numbers {L12A3C0DFF} then I named the key Z0B0 and made the value the obfuscated date. I took the year month and day and ran each one through a different calculation. I ended up with something that looked like DDE011468932.
Each time the program ran it decoded this registry setting to see if a year had passed based on the time in the BIOS. If the date in the BIOS was earlier then this date then they changed it and I would not not allow my program to run.
Also each time the program ran, I checked the date in the BIOS and stored this in the registry in the same way. So I would check to see if they changed the date in the BIOS to an earlier date.
So in order for them to abuse the date restriction of one year, they literally had to change the date in the BIOS every day which I figured was not worth it to them to do, besides, they would have had to figure out where I was getting the date from to begin with, which would take decompiling (and I wasn't selling it to a bunch of programmers). Simply changing the date in the OS wouldn't fool it.

Can I use an API such as chef to automatically create, name and set passwords to multiple servers?

I am new to this so forgive me for not understanding the lingo.
I have been using rackspace cloud control panel to build multiple virtual servers, i use them for maybe a couple of hours then i delete them. I need these servers to all have specific and unique names such as: "server1, server2, server3, etc." I also need them to have a specific password unlike the randomly generated password that is assigned by default.
I have been creating each individual server manually (based on an image that's set up) then I have to go back and reset the password andreboot all of them. Doing each one manually is a bit time consuming and I'm sure there is an easier way. Please help me figure this out.
I've been doing some searching but I haven't found anything too relevant to my problem on top of that I'm not too familiar with programming and such.
Basically what I'm looking to do is automatically create these servers with their appropriate names and passwords already built in from the start. I'm not sure if some sort of "API" is the answer, or if there's some sort of script that can be written, or both.
Any assistance is much appreciated.
thanks,
Chris

How do I get back to my Reporting Services Data?

I have almost exactly this problem. I say, almost exactly because the answer that worked for this gentleman did nothing whatsoever for me. I can open my own database and see all of the lovely RS data sitting there staring at me but the actual Reporting Services installation still can't. This all came about because of precisely what he said. We accidentally left the password policy on on the Reporting Services account and it expired. When I changed it the whole thing went kaputt. I'm still getting the "key cannot be used in current state" error message even after dropping all encrypted data from the RS installation. I have no access to the Report Manager to reset encrypted information. Has anyone got any suggestions?
EDIT: In continuing my research I found this suggestion. It's not that.
Well... here's the thing.
I eventually tried creating a whole new user to take charge of the SSRS operations. I also remembered to update those details on our live data server. (I did this first and it failed to work as it was still telling me the key could not be used then.)
I guess that there must be something that prevents the reassignment of the SSRS gofer account's password. The new user is set up identically and works perfectly. So that's what cleared it up for me but I'm a little irritated that I still don't know exactly why...