d00bi0us
16th November 2006, 01:41
Hello,
I am a first time poster here so forgive my lack of background and familiarity with the site.
I am currently consulting on a Sarbanes Oxley (SOX) General IT Audit and I need to find a way to query a BAAN system to validate system variables. I do not have any background with BAAN, but I do have some background with Unix server administration.
The environment I am testing is BAAN IV, which is running on Unix 11.11 and I was also told has an implementation of DISUS 1.5. I do not understand the exact relationship between DISUS and Unix, but I understand that it is an administrative tool. What I do know is that there is a software engineering and consulting company named DISUS <http://www.disus.com/>, but the Manager of Systems Administration that I am working with has denied that his company hired DISUS for their services (possibly out of ignorance).
I have a primary objective and secondary objective behind my work.
a) Primarily, I simply need to be able to locate and validate settings for variables that can affect the items below:
1) Restricted use of duplicate passwords.
2) Restricted use of repeating characters within a password. (my research has so far told me that this cannot be configured)
3) Passwords must contain at least one number (alphanumeric variables)
4) Passwords must contain a certain number of alphanumeric characters (password complexity).
b) Secondly, I would like to be able to provide the Manager of System Administration with a solution (tool, script, or otherwise) that will allow him to easily configure these settings in the future. Previously, my client used npassword, but that no longer works on their current versions of UNIX. Through my research on the forums so far ( primarily this thread: http://www.baanboard.com/baanboard/showthread.php?t=295 ), I have seen the mention of PWage (which appears to no longer be sold/supported) and DISUS.
Any help would be appreciated.
I am a first time poster here so forgive my lack of background and familiarity with the site.
I am currently consulting on a Sarbanes Oxley (SOX) General IT Audit and I need to find a way to query a BAAN system to validate system variables. I do not have any background with BAAN, but I do have some background with Unix server administration.
The environment I am testing is BAAN IV, which is running on Unix 11.11 and I was also told has an implementation of DISUS 1.5. I do not understand the exact relationship between DISUS and Unix, but I understand that it is an administrative tool. What I do know is that there is a software engineering and consulting company named DISUS <http://www.disus.com/>, but the Manager of Systems Administration that I am working with has denied that his company hired DISUS for their services (possibly out of ignorance).
I have a primary objective and secondary objective behind my work.
a) Primarily, I simply need to be able to locate and validate settings for variables that can affect the items below:
1) Restricted use of duplicate passwords.
2) Restricted use of repeating characters within a password. (my research has so far told me that this cannot be configured)
3) Passwords must contain at least one number (alphanumeric variables)
4) Passwords must contain a certain number of alphanumeric characters (password complexity).
b) Secondly, I would like to be able to provide the Manager of System Administration with a solution (tool, script, or otherwise) that will allow him to easily configure these settings in the future. Previously, my client used npassword, but that no longer works on their current versions of UNIX. Through my research on the forums so far ( primarily this thread: http://www.baanboard.com/baanboard/showthread.php?t=295 ), I have seen the mention of PWage (which appears to no longer be sold/supported) and DISUS.
Any help would be appreciated.