hello all

big mess......... please advice

G5 Running OS X tiger

here is the problem

person left our company, a new person who came in changed every name to her name except short name, password reset as well, old user account had admin prev, now it reads standard i tired to changed back to Admin it is asking for Admin User name and password, i also tired booting off OS X cd and reset the password,
i go to system pref tired to authenticate it asking again for Admin User name and password
also all of the keychain settings were deleted

any ideas?

Is there any Admin account on the machine? Or did the new person manage to destroy the only account? If there is (and there should always be a backup Admin account for emergencies like this), then log in to that Admin and change the new user's account back to Admin.

Otherwise, if there are NO Admin accounts on the machine at all, do the following procedure exactly:

1. Boot to your OS X Install CD or DVD, select "Reset Admin Password" from one of the pulldown menus, select the Root account, and give it a new password.
2. Boot the computer from the hard drive. At the Login screen, select "Other". For username, enter root, for password, enter the password you just set.
3. Once logged in, go to System Preferences > Accounts. Select the new person's account, go to the Security tab, and check the box marked "Allow user to administer this computer".
4. Log out of root and into the new person's account. Verify that it is now Admin status.
5. Launch NetInfo Manager. It is an app in /Applications/Utilities. Go to the Security pulldown menu, select Authenticate, and enter the username and password for the new person's account. Then, also in the Security pulldown menu, select "Disable Root User". Save and close NetInfo Manager.

Now, you're done. But I'd highly advise you to create another Admin account on that computer (and all other computers) so that if the main Admin account gets corrupted in some way you have another way into the computer.

Trevor

yes there an admin account under other accounts

what do i do

Since there's another Admin account, log in to the other Admin account, go to System Preferences > Accounts > select the new person's account, go to the Security tab and check the box to "Allow user to administer this computer".

Trevor

it doesn't allow me to do that

any other ideas
please help

Then you will need to remove the keychain files either via the other admin account of via single user mode for that account. The files are located in ~/Library/Keychains
Normally I'd tell you to try a repair first but since you can't use the admin user/pass combo you won't be able to do it.

so i have to boot in single mode 'command s' right?
delete keychain
i only have two user accounts
standard and admin
both won't let me authenticate

im going nuts with this thing
any other options?
or i have do clean install ?

1. Boot to your OS X Install CD or DVD, select "Reset Admin Password" from one of the pulldown menus, select the Admin account, and give it a new password.

2. Reboot and log in to the Admin user with the new password. Once logged in, go to System Preferences > Accounts. Select the new person's non-admin account, go to the Security tab, and check the box marked "Allow user to administer this computer". It is now an Admin account.

Trevor

thanks Trevor

i did all that, it is still asking me to authenticate
Admin name
and
password
i type it in and does not let me do it OS 10.4.4

What exactly is asking you to authenticate? Please be detailed, list on a step by step level exactly what you do, exactly what the message says and what the dialog box looks like.

Screenshots would be nice, too. You can upload them to this board quite easily.

Trevor

sorry for not being clear
when i go to sys pref click on accounts, the little lock icon on the lower left hand corner when click on it, it prompts to type in user name and password it tell me its invalid, same as when you try to install software it is asking to type in ur password, it does not let me change anything user name and pw is invalid,
but when i login its fine
i hope that clear things up a little
thank you in advance

I think I recall from some older threads here that this kind of thing (admin password not being accepted) is an indication of a corrupted NetInfo database.
You might try carefully following Apple's instructions in this document to restore the NetInfo database from backup:
http://docs.info.apple.com/article.html?artnum=107210

thanks hayne
i will try it first thing tomorrow morning
hopefully it works

thanks hayne it worked

http://docs.info.apple.com/article.html?artnum=107210
was really helpfull,
Restoring from defaults

If you do not have a good backup or just want to start over, you can restore from defaults. Follow these steps:

1. Start up the computer in single-user mode, as described above.

2. This command renames the current NetInfo database, so that it may subsequently be automatically replaced:

# mv /var/db/netinfo/local.nidb /var/db/netinfo/local.nidb.bad

3. Optional - if you have a network domain:

# mv /var/db/netinfo/network.nidb /var/db/netinfo/network.nidb.bad

Note: You may also want to move any other nibd folders in /var/db/netinfo that are not being restored.

4. Remove the AppleSetupDone file:

# rm /var/db/.AppleSetupDone

5. Restart the computer:

# reboot

only thing had re install all 3rd party App, but main app were still there
which is good

Question for Hayne

At my other job where we provide tech support to college students in a computer lab, we have about 40 PC's and 10 Mac's OS 10.4 All students login as Standard Users
the question is? can a student use the same method i did and login as admin, which means he/she can change short name, password and etc ...

can a student use the same method i did and login as admin, which means he/she can change short name, password and etc ...
I must not be understanding the question.
Obviously anyone who knows the admin name and password can log in as the admin.

that method would work without knowing admin user and password

1. Start up the computer in single-user mode, as described above.

2. This command renames the current NetInfo database, so that it may subsequently be automatically replaced:

# mv /var/db/netinfo/local.nidb /var/db/netinfo/local.nidb.bad

3. Optional - if you have a network domain:

# mv /var/db/netinfo/network.nidb /var/db/netinfo/network.nidb.bad

Note: You may also want to move any other nibd folders in /var/db/netinfo that are not being restored.

4. Remove the AppleSetupDone file:

# rm /var/db/.AppleSetupDone

5. Restart the computer:

# reboot

Oh - anyone who can start up the computer in single-user mode has complete control of the machine. Replacing the NetInfo database is just one of the many things that person could do.

If you want to prevent access to single-user mode (a good idea in any institutional setting), see Apple's procedure for setting an Open Firmware password:
http://docs.info.apple.com/article.html?artnum=106482
See also this article on the main macosxhints site about another method of preventing access to single-user mode:
http://www.macosxhints.com/article.php?story=20060202045826871#comments

thanks Hayne
once again great help

we don't have time to watch all the students