user-accounts interview questions
Top user-accounts frequently asked interview questions
I could grep through /etc/passwd but that seems onerous. 'finger' isn't installed and I'd like to avoid that dependency. This is for a program so it would be nice if there was some command that let you just access user info.
Source: (StackOverflow)
Facebook allows you to create test user accounts that can only be used for testing purpose.
Does Twitter provide similar functionality ? I don't want to get my application blacklisted for creating fake user accounts; do I have to use my real user account for testing my application ? What strategies are your using for testing application with Twitter ?
Source: (StackOverflow)
I am using mrt add accounts-ui-bootstrap-dropdown
and mrt add accounts-password
to get a simple login page running on my app.
The accounts users gives me a nice hash containing ids, createdAt, emails, etc.
If I wanted to add other fields in this hash so I can make use of them later, how would I do that? For example, I want then to also enter their given name and surname:
"given_name": "John", "surname": "Doe"
Source: (StackOverflow)
I am running slitaz distro, and would like to completely remove the root password. I have tried giving a blank password to the passwd
command, however that did not seem to do the trick. It gave me an error password was too short, ans it still asked me for a password when I ssh-ed in. The password was just hiting the "Enter" key.
UPDATE:
Perhaps it has to do with the fact that slitaz uses dropbear for ssh? Because even with a blank password for root in /etc/shadow
, it still prompts for a password.
Source: (StackOverflow)
I'm currently running Vista and I would like to manually complete the same operations as my Windows Service. Since the Windows Service is running under the Local System Account, I would like to emulate this same behavior. Basically, I would like to run CMD.EXE under the Local System Account.
I found information online which suggests lauching the CMD.exe using the DOS Task Scheduler AT command, but I received a Vista warning that "due to security enhancements, this task will run at the time excepted but not interactively." Here's a sample command:
AT 12:00 /interactive cmd.exe
Another solution suggested creating a secondary Windows Service via the Service Control (sc.exe) which merely launches CMD.exe.
C:\sc create RunCMDAsLSA binpath= "cmd" type=own type=interact
C:\sc start RunCMDAsLSA
In this case the service fails to start and results it the following error message:
FAILED 1053: The service did not respond to the start or control request in a timely fashion.
The third suggestion was to launch CMD.exe via a Scheduled Task. Though you may run scheduled tasks under various accounts, I don't believe the Local System Account is one of them.
I've tried using the Runas as well, but think I'm running into the same restriction as found when running a scheduled task.
Thus far, each of my attempts have ended in failure. Any suggestions?
Source: (StackOverflow)
On a site that has a fair share of user-generated content such as forum threads, blog comments, submitted articles, private and public messaging, user profiles, etc; what is the best practice as far as what to do with the user-generated data if a user terminates their account?
I'm not asking legal advice and I don't view this as a legal question so much as a question of striking a balance between the user, other users, and the site because terms of use can be drawn up after that balance is struck. Some of the following scenarios should be considered when a user deletes their account:
- Private messages between users -
Should the conversation trail be
deleted? If so, how do you account
for cases of harassment where legal
evidence is needed?
- Forum questions or answers - If the
user asked a question, should the
entire thread be deleted? If they
answer a question, should the answer
be deleted?
I'm asking this question as I'm implementing user accounts into a CMS. I know that Facebook recently ran into trouble with their changes in their terms of use, but how do you balance a desire to delete with the needs and investment of the other users who also participated?
Source: (StackOverflow)
I am using Linux, Oracle10g.
I have created one user called test. and granted create session and select any dictionary permission to the same user.
i also granted sysdba and sysoper roles to the same users.
Now i want to display all the privileges and roles granted to the user.
I found following query but it shows only create session and select dictionary privileges.
select privilege
from dba_sys_privs
where grantee='SAMPLE'
order by 1;
please help to resolve the issue.
Thanks
Source: (StackOverflow)
I have a WindowsService named, say, BST. And I need to give a non-Administrator user, UserA, the permissions to Start/Stop this particular service. My service runs on a variety of Windows OS, starting from Windows Server 2003 to Windows 7.
How can I do this?
I Googled and found some stuff about giving permissions using the command [sc sdset], but I am not exactly sure about the parameters. I do not want to set the permissions for a group, but ONLY to a particular user, UserA in this case.
Source: (StackOverflow)
I am software tester working on outsourced projects for many clients.
Frequently, I am required to test Facebook apps just before they go live. Often, the content of the app requires several interactions with other Facebook friends, including pulling of tagged photos and retrieving a user's info.
Most advice suggests that I should be using Facebook test accounts, created by a developer of a specific app. However, due to the complexity of some of the requirements in order to fully test certain apps, a dummy account - pre-filled with 'real' information is much more practical to use. It is clear that if we were to add all of this detail to Facebook test accounts for every new project, we would never get any time to actually test the app.
My company has approximately 20-30 dummy user accounts on Facebook, all of which have a good level of detail including personal info, photos, friend networks etc. These are perfect for testing as they are normal Facebook accounts. We always set option to private to prevent any sensitive material from being seen by the general public.
Over the last moth or more, our dummy user accounts are being systematically wiped out where Facebook is blocking them. Clearly, we cannot re-instate these accounts as we have no ID for the 'dummy' users.
Our aim is to aid the developers to improve the quality of their Facebook apps, and so has no detrimental effect on Facebook as a company or a brand.
Is there any way to achieve our requirements without the constant battle to maintain our dummy accounts?
Source: (StackOverflow)
So there are definitely many tutorials out there regarding how to integrate various individual social network authentication/registration into existing user accounts. But the scenario I can't seem to find out much information about is if a user signs into your account with different social network credentials. For example:
Scenario #1
User registers on site using site's authentication.
User then signs in/registers on site using Facebook Connect.
User then signs in/registers on site using Twitter.
How do I integrate all of these into one account?
Obviously once a user is registered, they can add other social network associations in the account settings pages. But I am more concerned if they register via the other social network not remembering they are already setup.
My general thoughts are trying to figure out a way to use the "username" or email to try and guess and present the user a way to combine accounts right there.
Anyone have any thoughts?
Source: (StackOverflow)
In my community, every user should only have one account.
So I need a solution to verify that the specific account is the only one the user owns. For the time being, I use email verification. But I don't really need the users' email adresses. I just try to prevent multiple accounts per person.
But this doesn't work, of course. People create temporary email addresses or they own several addresses, anyway. So they register using different email addresses and so they get more than one account - which is not allowed.
So I need a better solution than the (easy to circumvent) email verification. By the way, I do not want to use OpenID, Facebook Connect etc.
The requirements:
- verification method must be accessible for all users
- there should be no costs for the user (at least 1$)
- the verification has to be safe (safer than the email approach)
- the user should not be demanded to expose too much private details
- ...
Do you have ideas for good approaches? Thank you very much in advance!
Additional information:
My community is a browser game, namely a soccer manager game. The thing which makes multiple accounts attractive is that users can trade their players. So if you have two accounts, you can buy weak players for excessive prices which no "real" buyer would pay. So your "first account" gets huge amounts of money while the "second account" becomes poor. But you don't have to care: Just create another account to make the first one richer.
Source: (StackOverflow)
I wrote a code that request an AuthToken from the account manager, using the getAuthToken(). On the first time - the user needs to "Allow" the authentication, but later on there's no need to.
I want to know if there's a way to revoke that permission, using the android system or code, in order to help me debug my program (I'm running out of accounts :)). Uninstalling the app doesn't help.
Thank you,
Udi
Source: (StackOverflow)
I have two questions.
1) How do I know if a 'user account' is exists on my windows OS (vista)? I need this information of a stand alone machine. I mean, the machine doesn't joined to any domain.
2) also I want to know whether a user is a part of a group? for eg. is a user 'admin' part of administrator group or not?
could anyone pls help..
Source: (StackOverflow)
Most of the examples I see on the web create user accounts in this sequence: user comes to the site, they choose a username and password and enter their email. A confirmation email to sent to this email and if they click the link, the account gets "verified". If they don't verify, the account gets deleted after a while.
I was told about another way: get the user to verify the email first, and when they click the verification link in their email they can start to create a username and password.
Does anyone see any problems with the second way, whether a security concern or anything else? It's not common and I personally cannot find a totally obvious problem with it, but I'd prefer to use it only after many people confirm they don't see problems or loopholes with it either.
Source: (StackOverflow)
I am making a meteor app and I have the mrt accounts-password package added as well as mrt accounts-ui-bootstrap-dropdown.
I have added the loginbuttons so users can create an account and that works just fine. I am using all defaults.
On the server I have the code:
Accounts.config({
sendVerificationEmail: true,
forbidClientAccountCreation: false
});
And when I create a new account, the server console prints:
I20130821-18:31:42.105(-4)? ====== BEGIN MAIL #0 ======
I20130821-18:31:42.106(-4)? MIME-Version: 1.0
I20130821-18:31:42.107(-4)? From: "Meteor Accounts" <no-reply@meteor.com>
I20130821-18:31:42.108(-4)? To: hidden@hidden.edu
I20130821-18:31:42.108(-4)? Subject: How to verify email address on localhost:3000
I20130821-18:31:42.109(-4)? Content-Type: text/plain; charset=utf-8
I20130821-18:31:42.109(-4)? Content-Transfer-Encoding: quoted-printable
I20130821-18:31:42.109(-4)? Hello,
I20130821-18:31:42.110(-4)? To verify your account email, simply click the link below.
I20130821-18:31:42.110(-4)? http://localhost:3000/#/verify-email/C2vJeaDLeMkkWmcRY
I20130821-18:31:42.111(-4)? Thanks.
I20130821-18:31:42.111(-4)? ====== END MAIL #0 ======
So it looks like it sends the email from the server but I never get the verification email in my inbox. And I tried multiple times and it has been over an hour! I also checked my spam folder. What gives?
Thanks in advance
Source: (StackOverflow)