This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

How do I Change Default Username from zadmin to somewhat
#1
How do I Change Default Username from zadmin to somewhat
Hi,

I wanted to know that how can we change the default username zadmin to someother name as it may be a security issue, anyone who knows that sentora is installed on the server knows that there should be a zadmin account , and rest remains hacking the password, as zadmin is the most powerful user. I tried to change the username by updating it in MySQL, but it seems like the name is hardcoded, as some services stopped working , I wasn't able to shadow other users. So kindly let me know if there is a way to change the zadmin name.


Thanks
Reply
Thanks given by:
#2
RE: Change Default Username from zadmin to somewhat
No you can't currently.

Put a strong password first.

The only alternative is modifying the authentication to map another user name to zadmin and thus refuse login to zadmin.

File to check
https://github.com/sentora/sentora-core/....class.php

You need to understand that and don't expect more help over this.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by:
#3
RE: Change Default Username from zadmin to somewhat
I do believe that taking a different approach to the default username would be useful in security terms.

The best way would be to ask during the install what would be the default username, that would be referenced somewhere in the DB so modules could use it.
My Sentora Resources
[Module] Mail Quota Count | Vagrant Box with Sentora

[Image: vanguardly-logo-micro.png]
Graphic and Web Design. Development.
www.vanguardly.com


Reply
Thanks given by:
#4
RE: Change Default Username from zadmin to somewhat
How about changing all the 'zadmin' to a different name in every file / the databases... I guess it would work then..
Reply
Thanks given by:
#5
RE: How do I Change Default Username from zadmin to somewhat
(05-15-2015, 09:04 PM)Rick Wrote: How about changing all the 'zadmin' to a different name in every file / the databases... I guess it would work then..

Nope
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by:
#6
RE: How do I Change Default Username from zadmin to somewhat
Haha, I know that changing the database alone doesn't work (it fails to load the login page). If it was just a few files, I could do a find and replace, but I suspect it must be more than a few.
Reply
Thanks given by:
#7
RE: How do I Change Default Username from zadmin to somewhat
The only way to do it is either re-code it to check for ac_id_pk = 1 instead of ac_user_vc = 'zadmin' making user account Forum Add-ons and Usage the main account (best way)
--or--
add a new user DB table something like 'ac_zadmin_gd' where 1=zadmin user/0=all others ( ac_zadmin_gd = 1 instead of ac_user_vc = 'zadmin') and re-coding everything to look for this new flag instead of zadmin (the way most user-based systems work). This would also allow for more than 1 'God' account which could be a security risk, easily bypassed through phpmyadmin, and would also break the use of the command line 'setzadmin' function.

I found 6 files with 'zadmin' hard coded. It would 'appear' to be easy enough to convert this to either one of the above mentioned solutions.

By using either one of the above suggestions, you could allow the admin to change the username manually in the database (or edit the installer to ask for a 'god user' name).
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#8
RE: How do I Change Default Username from zadmin to somewhat
I have this working in a test environment. Me.B I could do a pull request for you to review it. But first I think we need to discuss if this would cause problems down the road. Also, we need to sort out the pros and cons of changing the name. This should be set during install. (Default=zadmin[else]custom)

One positive right off the top is better security - if each install has a different username, hackers would have to try both username and password.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#9
RE: How do I Change Default Username from zadmin to somewhat
You can send the pull request but we are freezing the master branch for next release hope we can get thru the testing.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Reply
Thanks given by:
#10
RE: How do I Change Default Username from zadmin to somewhat
Ok, will hold off on the PR until this release is done to save any confusion. It will need some extensive testing to ensure there are no conflicts.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
Change Panel Sub-domain TGates 7 36 ,546 06-12-2017, 08:27 AM
Last Post: TGates
Is there a way to change the default admin name "zAdmin" dsmarter 3 9 ,353 02-12-2017, 01:42 PM
Last Post: TGates
How to overwrite default admin. vhost? NIicK 1 6 ,408 03-27-2016, 01:16 AM
Last Post: Me.B

Forum Jump:


Users browsing this thread: 1 Guest(s)