Page 1 of 1
AD user named "nagios"
Posted: Tue Sep 08, 2020 2:42 pm
by hbouma
In reference to post
https://support.nagios.com/forum/viewto ... 16&t=49797
One of our Security Administrators made an AD account called Naigos without talking to us. What impact would it have on the product at this point if the account is removed from AD? I see the local accounts still exist in /etc/passwd, but I am unsure how this will effect the application.
Re: AD user named "nagios"
Posted: Wed Sep 09, 2020 2:57 pm
by jdunitz
Is there any indication as to which one has been used? Do you have your machine set up to use local accounts first?
If so, it should be fine. Presumably the AD version of the account has a different user number and possibly group? If so, you should scan your machine for anything owned by the AD nagios user's UID/GID, like "find / -uid 4242" (assuming the AD nagios's UID is 4242).
--Jeffrey
Re: AD user named "nagios"
Posted: Thu Sep 10, 2020 7:40 am
by hbouma
It appears that the servers are using our local account first. Thankfully.
I am going to work with our Security department to rename, then eventually delete the AD account so that it doesn't cause issues in the future.
Please feel free to lock this thread.
Re: AD user named "nagios"
Posted: Thu Sep 10, 2020 8:56 am
by scottwilkerson
hbouma wrote:It appears that the servers are using our local account first. Thankfully.
I am going to work with our Security department to rename, then eventually delete the AD account so that it doesn't cause issues in the future.
Please feel free to lock this thread.
Great!
Locking thread