ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins. Read more for important details.
ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins.Read more for important details.
Absent Member.
Absent Member.
1209 views

Clear Groupwise user password on restored system

I work for a prosecutors office. I have tape backups going back years. Our office policy does not require that we be able to search thru old mailbox's of users that left years ago and whose user object was deleted years ago but a defense attorney has gone to the court and is requesting this information now. I created a test server in a test tree and restored the directory structure from tape to this server. I can start the po agent on the test server and open up a users mailbox, who was deleted years ago... if they never created a groupwise password. The test server is not connected to our production network. Is there a way to change the groupwise password with out connecting to or installing a replica of our production eDirectory on the test server? It's frustrating because it's very simple to get to the point where I can read an old users mailbox, but only if they never had a password. I wish there was a utility or command that could clear the password when just the groupwise directory structure was available.
Labels (2)
0 Likes
7 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

dgonnse;2272863 wrote:
.. The test server is not connected to our production network. Is there a way to change the groupwise password with out connecting to or installing a replica of our production eDirectory on the test server?.


If you get the Domain/MTA running in that environment you should be able to graft the GroupWise system and objects into your test tree (via ConsoleOne). Then you should be able to manage the restored GroupWise system and be able to send a password reset for the account to the POA.

I don't know of ways to do a reset with a running POA only (other than having Novell NTS take a look).

-Willem
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Hi.

Like Willem said, to (re)set a password of a user you need a working
domain (MTA) too that can properly talk to the post office. With just
the post office alone, you can't.

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Absent Member.
Absent Member.

You should read this TID:

Recover deleted mail for legal action
- https://www.novell.com/support/kb/doc.php?id=3373106

Following this method you do not even need a post office agent.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

bvandenberg;2273051 wrote:
You should read this TID:

Recover deleted mail for legal action
- https://www.novell.com/support/kb/doc.php?id=3373106

Following this method you do not even need a post office agent.


Interesting method, combining a postoffice rebuild with clearing the user account's client settings. Hadn't ever seen that procedure/TID... thanks!

As an added note, one still also needs the restored domain to be able to do this on a restored post office structure.

Cheers,
Willem
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

On 20.07.2013 12:46, magic31 wrote:
>
> bvandenberg;2273051 Wrote:
>> You should read this TID:
>>
>> Recover deleted mail for legal action
>> - https://www.novell.com/support/kb/doc.php?id=3373106
>>
>> Following this method you do not even need a post office agent.

>
> Interesting method, combining a postoffice rebuild with clearing the
> user account's client settings. Hadn't ever seen that procedure/TID...
> thanks!


I'm afraid that method to reset/clear the user password in steps 4 to 6
of the alst paragraph don't work consistently. On some accounts it will
work, on others not. You will end up having to run a real MTA and POA
anyways to get the password changed.

OTOH, if you also have an eDir tree *and* graft the restored system into
the edir tree, you can authenticate via eDirectory (and of course chnage
the users eDir PW to your liking) by setting the "no password for
edirectory" option. That's the only way how you would be guaranteed to
get access without having to actually run a MTA and POA.

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

mrosen;2273293 wrote:

I'm afraid that method to reset/clear the user password in steps 4 to 6
of the alst paragraph don't work consistently. On some accounts it will
work, on others not. You will end up having to run a real MTA and POA
anyways to get the password changed.


Thanks for adding that in Massimo, good to know. Had not ever needed to try that (only working with direct mode/file access to restore account data) as a building a restore/dummy server along with running GroupWise agents is a quick enough task to do (with virtualisation, templates for quick roll out and all that) & it gives all the control one might need.


mrosen;2273293 wrote:
OTOH, if you also have an eDir tree *and* graft the restored system into
the edir tree, you can authenticate via eDirectory (and of course chnage the users eDir PW to your liking) by setting the "no password for
edirectory" option. That's the only way how you would be guaranteed to
get access without having to actually run a MTA and POA.


Yep, that's a proven method (using eDir authentication over the GroupWise password). 🙂 Never thought to try it with only a running eDirectory & just using the Direct Mode access (e.g. no running POA). Does make it a tad quicker to get to what's needed.


Cheers,
Willem
0 Likes
Absent Member.
Absent Member.

I used TID 3373106 and it worked great. I found out I don't even have to clear their password in console one. Just doing it from gwcheck takes care of it. I did get a java error trying to run a groupwise client from the Linux server but I just connected up a pc and used the groupwise client on it. I did not have to install agents or create domain or post office. Just connected up to the old directory structure, grafted and the other stuff mentioned in the TID. Thanks for your help!
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.