DSSec can be used to run a report on NDS/eDirectory and check for various security related issues.
Among the items that can be checked are:
* Identify Objects that have Rights to the Directory Root
* Identify Objects that have Rights to the Organization/Country Level
* Identify Users who have not Logged in for some Time
* Identify Users who do not have a Password
* Identify Users with Admin Rights on Servers
* Identify Users with Admin Rights on Containers
* Identify Users with no Periodic Password Change Required
* Identify Users with Accounts Disabled
* Identify Users with Accounts Locked by Intruders
All items can be checked individually or as a group to fit your environment’s needs.
The utility can be run against a whole tree or against selected organizational units.
To run the application, you must have the NetWare Client32 software installed. The utility should be run with Admin rights on the tree and in the selected unit, or the returned data will not return the complete picture.
Requires: NetWare Client32 / NWErr32.dl, available from http://wstools.net/Documents/nwerr32.zip.