cannot add password to user name with hyphen (-) in Terminal Code - linux

I created a Data Base with user smart-brain. And i wanted to add a password to it. which always gives me error
I tried creating another user without the hyphen and there was no problem.
Using Linux ubuntu
https://gyazo.com/03a58dcbd539a75868d886d66ca299a9
createdb 'smart-brain'
psql 'smart-brain'
psql (10.6 (Ubuntu 10.6-0ubuntu0.18.04.1))
Type "help" for help.
smart-brain=# ALTER USER smart-brain WITH PASSWORD 'test123';
ERROR: syntax error at or near "-"
LINE 1: ALTER USER smart-brain WITH PASSWORD 'test123';

This is untested, but valid Postgres identifiers can only include letters, digits, underscore, or dollar sign. Hyphen does not appear to be included in that list. This means that, assuming user smart-brain even exists, you should be escaping it using double quotes. Try the following alter statement:
ALTER USER "smart-brain" WITH PASSWORD 'test123';

Related

How to find which line has a missing attribute in a file that use a fixed pattern?

I have a file with a list of LDAP users with their password encoded. The file always has the same pattern as seen in the following example:
cn=user01,cn=users,dc=mycompany,dc=com,dc=ar
userpassword={SHA}sssFRwn116jjIF3EXEhecyFER=
cn=user02,cn=users,dc=mycompany,dc=com,dc=ar
userpassword={SHA}wwU3GCFOgidd5Z2h+jBKjsFER/w=
cn=user03,cn=users,dc=mycompany,dc=com,dc=ar
userpassword={SHA}GfGfptC2N43BDsfkqL6v0V+iFER=
cn=user04,cn=users,dc=mycompany,dc=com,dc=ar
cn=user05,cn=users,dc=mycompany,dc=com,dc=ar
userpassword={SHA}ZzZGptC2N43BFERkqL6v0V+ixUM=
I need some way to identify which is the user doesn't have a password (in this example the user 'cn=user04') , or at least get the line number in the file where the password is missing using linux console and/or bash scripting
It seems like if you have awk read the file in paragraph mode you can determine whether a record is missing the userpassword attribute by testing if it contains a line break.
$ awk -F, -vRS= '!/\n/{print $1}' file
cn=user04
This solution is kind of a hack, but should work in realistic cases:
fmt -w 999 input.txt|grep -v 'cn.*userpassword'
It would fail if you happen a user with the username userpassword, and this user has no password set; this is a case you would not recognize with this approach.

What is the correct method to determine if a system user exists locally on windows?

I am working on an authentication system for a local server jupyterhub that relies on OAuth protocol. Additionally, it creates a local system user on windows, in case it does not exist.
What is the correct way to check whether a user exists on windows platforms using python?
This would include cases in which the system uses LDAP authentication and the user logged in the machine at least once.
I am looking for the correct windows alternative to the unix-like:
import pwd
try:
pwd.getpwnam(user.name)
except Exception as e:
print(repr(e))
My current solution is to check for the existence of the f"os.environ["SystemDrive"]\Users\{username}" folder. Side question, is there any drawback with the current method?
Here's a solution to checking if a local Windows user exists using python:
import subprocess
def local_user_exists_windows(username):
r = subprocess.run("net user",stdout=subprocess.PIPE)
#look for username in the output. Return carriage followed by line break followed by name, then space
return f"\\r\\n{username.lower()} " in str(r.stdout).lower()
Alternative is to use a regular expression to find username match (^ is regex for beginning of line if used in conjunction with multiline, \b for word boundary):
import re
re.findall(rf"^{username}\b", out,flags=re.MULTILINE | re.IGNORECASE)
Note that the \b could be replaced with \s+ meaning a space character one or more times and yield similar results. The function above will return True if given user name is an exact match with local username on Windows.
Again, my reason for this solution is there might be drawback to checking whether the path f"os.environ["SystemDrive"]\Users\{username}" exists. For example, I have a case where a Local User (e.g,local_username) exists via the net user command or via looking at "Local Users and Groups" control panel, but there is no C:\Users\local_user_name folder. One reason for this I can think of off the top of my head is perhaps the user switched from logging in as a Local User to using a Domain Account, and their User folder was deleted to save space, so the User exists, but the folder does not, etc.)
The call to net user gets local users - and the output looks something like this:
User accounts for \\SOME-WINDOWS-COMPUTER
-------------------------------------------------------------------------------
SomeUser Administrator DefaultAccount
Guest local_admin WDAGUtilityAccount
Notice how the SomeUser in this example is preceded by a \r\n followed by multiple spaces, hence looking for a username string inside this string could yield a false positive if the string you are searching is contained inside another string.
The solution above works for me, but has been tested all of ten minutes, and there might be some other simpler or more pythonic way of doing this.

Windows compatible passwords in bash

I have a script that takes windows compatible passwords and uses them to create an account for the user on the computer with that as their system password.
I have run into an issue where if I escape them and pass it to create the account it is taken literally. Single ' and double " quotes are allowed in windows.
Example user enters hello'world
escaped as hello\'world and stored in the database as hello\'world.
user inputs hello'world login.
Computer expects hello\'world as the correct password, user can not login.
Adding code:
echo "somepass" | sudo -S /Applications/Setup\ user.app/Contents/Resources/nugget "Joe User" "juser" "ju$er'Pa$$".345"
Essentially the account for the user is created, another admin account has to be used and the password set from the gui where ju$er'Pa$$".345 is entered and from there the user can login fine.
Does this do what you want? (Obviously you need a safe method to retrieve the password, either from read input or by reading from a file handle or pipe).
neech#nicolaw.uk:~ $ read -r password ; printf '%q\n' "$password"
ju$er'Pa$$".345
ju\$er\'Pa\$\$\".345
neech#nicolaw.uk:~ $

How do you escape round brackets in passwords for bitbucket-api in node.js

I am trying to access a particular repository on BitBucket using bitbucket-api in node.js and my password contains funny characters (round brackets and spaces). It doesn't throw any useful errors or let me get the data.
I happen to like my password so I don't want to change it. I know that removing the round brackets and spaces from the password fixes the issue.
What can I do?
After plenty of searching and stepping into the implementation for curl-transport.js, I have found a way to work around this issue. It relies on understanding of what curl-transport passes to require('child_process').exec.
Essentially the mechanism works by starting a new process for CURL and passing in command line arguments. By having round brackets, it confuses CURL and by having spaces it confuses the command line argument parsing. So to work around it, simply add a double quote as the first character of the username and an ending double quote as the last character of the password; so when the two strings get concatenated (ie: username+":"+password) then the final string will be "USERNAME:PASSWORD" which get's passed as one argument to the process.
My node code looks like this:
var bitbucket = require('bitbucket-api');
var credentials = { username: '"USERNAME', password: 'PASSWORD With Spaces and ()s"' };
var client = bitbucket.createClient(credentials);
var repository = client.getRepository({ slug: 'repoName', owner: 'USERNAME' }, function (err, repo) {
//Code to access the repo object.
console.log(repo);
});
Notice how username has an additional double quote at the beginning of the value (this is the hack). I have added spaces and emphasised it below because it's not obvious::
username: ' " USERNAME'
Notice how password has an additional double quote at the end of the value (this is the hack). I have added spaces and emphasised it below because it's not obvious:
password: 'PASSWORD With Spaces and ()s " '
The call will then succeed and you will get back the details for your repository.
BTW, this fix worked for me in V0.0.6 of bitbucket-api on Windows 8.
A helpful note:
On windows, please remember to put the following into your path so that it can find CURL. You can do this through [Win8: Windows-X]->System->Advanced System Settings->Advanced->System Variables->Path->Edit...
Make sure git's binaries are in the path for CURL:
C:\Program Files (x86)\Git\bin
Also, if you are trying to get it to work on heroku then you might need to work around pathing issues by re-installing the Heroku toolbelt under C:\Heroku (see other posts for why) and adding the following to the path:
C:\Heroku\ruby-1.9.2\bin;C:\Heroku\bin;C:\Program Files (x86)\Git\bin

Trying to obtain memberof detail from linux ldapsearch command

I am trying run an LDAP query from a Linux machine (CentOS 5.8) to a Windows LDAP server and want to get 'memberof' detail for a user. In this example, the Domain is cm.loc and the user is admin1#cm.loc. Here is the ldapsearch syntax I am using. It returns an error.
Can someone point me in the right direction with what the correct syntax should be using ldapsearch to query for memberof detail for a particular account?
Here is what I am using that returns error; "ldap search ext bad search filter 7"
Where is my syntax wrong?
ldapsearch –x –h 192.168.1.20 –b 'DC=cm,DC=loc' -s base –D 'admin1#cm.loc' -W '(&(objectCategory=Group)(|(memberOf=group1)(memberOf=group2)…))'
Thank You
memberOf is an attribute with DN syntax. group1 is not a DN.
The syntax looks OK, you need to use the full DN syntax for the memberOf query, and it's still memberOf=, not memberOf: - if you use the colon syntax then you'll get the bad search filter error.
The next thing is that you must escape the search string according to the specifications of RFC4515. This generally means that the following characters in the search string terms: \, *, (, and ) must be escaped using \5c, \2a, \28, \29 respectively, otherwise you get the same error - bad search term. This is on top of the escaping that the ldap server may have applied to the DN already.

Resources