How do I enable the password cracking function in VigilEnt Security Agent for Netware? (NETIQKB26293)

goal
How do I enable the password cracking function in VigilEnt Security Agent for Netware?

fact
VigilEnt Security Agent for Netware 1.1

fact
VigilEnt Security Agent for Netware 1.2

fact
VigilEnt Security Agent for Netware 1.3

fact
VigilEnt Security Agent for Netware 1.3.2

fix

The password cracking function is disabled by default. You must enable the password cracking function to run the 'Users with Weak Passwords' report; however, enabling the password cracking function may increase the report generation time considerably. Also, you must have write permissions for all accounts that you want to check. The password cracking function will skip any non-writable accounts.

To enable the password cracking function, follow these steps:

1. Using Windows Explorer, navigate to the VSAN\config directory.

2. Open the password.pol file in a text editor.

3. Select the word None in the file, and replace it with the word fast or full.

   • The fast setting checks for null passwords and passwords that equal a user name.

   • The full setting checks all passwords against a dictionary of common words. Enabling the full password cracking option may increase the report generation time considerably because each password cracking attempt takes approximately three seconds. For example, if there are three users and five words in the dictionary, it will take approximately 45 seconds to complete the password cracking run (3 seconds × 3 users × 5 passwords = 45 seconds). Due to this time requirement, performing the password cracking function on very large NDS trees may be impractical.

4. Save the file and exit the text editor.

VigilEnt Security Agent for Netware runs the password cracking function using the demo cracking dictionary the next time that you generate reports.

Formerly known as NETIQKB26293