Novell Identity Manager 3.0
Novell Identity Manager 3.5
Novell Identity Manager - Remote Loader
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000
Microsoft Windows 2000 Server
The Security: Best Practices section of the IDM Administration Guide discusses keeping the system running various IDM components secure. As part of this be sure to lockdown the directory structure housing these IDM components allowing access only to those users who need it. This may include some unprivileged users but in a default installation includes just the system administrator and possibly the SYSTEM account. When setting these rights be sure to overwrite the ACLs from the root of the IDM installation through all of the subcontainers. Also inheriting rights from the parent directory should not be done since that is what leads to this vulnerable condition.
Windows 2003 and later do not have the same default rights assignments for the entire drive as windows 2000 which prevents an unprivileged user from writing to the directory with IDM files.
Please refer to the security guide at https://www.novell.com/documentation/idm35/admin/index.html?page=/documentation/idm35/admin/data/front.html