Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Better way to identify local users in the XG firewall?

Due to the recent SQL injection attacks on our firewalls, we are taking the precaution of changing all of our local passwords.  We don't have a whole lot on there, but the trouble is they are mixed in with AD users.  There are over 900 users on our main firewall.    According to KB 135419 - yes I can go into each user and look at a field.  With any large amount of users this is totally impractical.  It looks like all the users that came over from AD have the domain appended to the end of the username.  I've sorted those out with the filter for now, but this doesn't necessarily mean they are AD accounts.  They could still be local.

How can I filter on only my local accounts?



This thread was automatically locked due to age.
Parents
  • cish method for listing and changing local users: https://community.sophos.com/kb/en-us/135493

    I'm not seeing the expected user modification result outlined there yet on our xg's on current sfos 17 + 18.  It reports"PIN is set for 0 user(s), failed for 0 user(s)" after the command is run even though it does show the users.  Opened a support case for that and maybe others will have different results.

Reply
  • cish method for listing and changing local users: https://community.sophos.com/kb/en-us/135493

    I'm not seeing the expected user modification result outlined there yet on our xg's on current sfos 17 + 18.  It reports"PIN is set for 0 user(s), failed for 0 user(s)" after the command is run even though it does show the users.  Opened a support case for that and maybe others will have different results.

Children
No Data