How to check if a new username is a system user?

I want to create a script that change a username. I want to check if the user is not a system user. My idea is to check /etc/passwd and pick only users with an ID between 1000 and 60000 and users that have a /home directory like

 user:x:1005:1021::/home/user:/bin/sh 

My grep command for now is like

   egrep -E '1[0-9]{3}.*/home' /etc/passwd  

As you can see, it doesn’t match my [1000-60000] pattern nor the name

Why is it so difficult to change the username in Ubuntu(and possibly other linux distributions)?

When I installed Ubuntu, a used a username that I don’t want to use anymore. When I looked at the online guides for changing the username, I found it wasn’t as easy as I had expected. The only way seems to be that you create a new ‘temporary’ user with all administrative permissions, then change the desired name while logged in from that new user and delete the user afterwards.

But why is it not possible to just change the username when there is only one account on the computer with all the administrative access? Why do I have to create a new user?

Is it wise to completely rely OAuth2 for new users and not have our own login(with username and password) system

My question is: Is it fine to build applications where the user login is completely handled by OAuth2 and services like that. That way we do not have to have our own password database for the users. How good this approach would be keeping in mind the user experience? Also would this approach be easy to implement the multi-factor authentication?

username

hello, my account was compromised a while back however I got it back. But whoever got access to it changed my username and another user claimed it, I've heard of users getting their usernames back before so is there any way I could do the same?

Windows server 2016 Remote Desktop username leaked

One of our servers got infected with ransomware last week (Matrix, .Grhan). The server allowed remote desktop connection from outside on the default port, which was a big security hole (and also, the account lockout policy was not set).

I looked at the windows event logs and found their bruteforce tries, it got so many login failed entries, that I only have logs for the last few days before the attack. They managed to find the password of a user who set it to something really easy to bruteforce. One of the things I noticed that they seem to knew our usernames and I wonder how. They tried a bunch of random names too, but most of the tries were for existing usernames (I exported the names to a text file and made a report from it, counting each try for each name. Almost 90% of the tries went to existing usernames).

How is that possible? I read the answer here, but our server is a Windows Server 2016. I ran two scripts made for taking remote desktop screenshots and could not connect. One of them mentioned that NLA is enabled on the server.

Unable to get userName because I did not specify userName?

I am trying to run this command

$   aws iam  get-user --query 'User.UserName' --output text 

and it failed with

An error occurred (ValidationError) when calling the GetUser operation: Must specify userName when calling with non-User credentials 

I thought it might be due to missing profile, so I added a --profile parameter.

$   aws --profile dev iam get-user --query 'User.UserName' --output text 

It still fails with the same error.

Since I have enabled MFA, is it possible it is due to a mistyped token from the authenicator? If so, can I reset the token?

Django авторизация по email (вместо username)

Сделал вход сайт почти по мануалу, но теперь надо переделать поле username на email, а еще лучше на оба сразу в зависимости о того, что вводит пользователь. Итак, по views.py:

def do_login(request):     if request.method == 'POST':         form = AuthenticationForm(request=request, data=request.POST)         if form.is_valid():             username = form.get('username')             password = form.cleaned_data.get('password')             try:                 user=authenticate(username=User.objects.get(email=username), password=password)             except:                 user=authenticate(username=username, password=password)             if user is not None:                 login(request, user)                 messages.info(request, f"You are now logged in as {username}")                 return redirect('form/')             else:                 messages.error(request, "Invalid username or password.")         else:             messages.error(request, "Invalid username or password.")     form = AuthenticationForm()     return render(request = request, template_name = "dologin.html", context={"form":form}) 

Функция она принимает только username, а на емэил дает ошибку ввода. Не понимаю, может я совсем не в том направлении пишу.

Проверка username на существование в базе

Есть проект на node.js + express. Нужно при регистрации провалидировать все поля, возникла проблема с проверкой на существование username в базе в функции isValidUsername, т.к. db.query() возвращает promise, а с помощью коллбэка я могу только вернуть ошибку, если запрос не выполнился или useraname уже занят, как можно подождать завершение выполнения функции db.query() и вернуть true, если username не был найден в базе?

В файле sign_up.js содержится код:

import {isValidUsername} from './common';  function isValidParams(params, response, db) {     const fields = {         username: isValidUsername(params.username, response, db),         // email: '',         // password: '',         // phone: ''     };      for (let name in fields) {         if (!fields[name]) {             return false;         }     }      return true; }  function saveUser(params, db) { //тут будет логика по сохранению пользователя в базу }  export function signUp(params, response, db) {     if (isValidParams(params, response, db)) {         saveUser(params, db);     } } 

И файл common.js:

export function isValidUsername(username, response, db) {     if (!username || (username.length < 3) || (username.length > 20)) {         return false;     }      db.query(`SELECT * FROM "user" WHERE username = '$  {username}'`, (err, res) => {         let answer;          if (err) {             answer = createResponseByParams({}, false, err.message, '');         } else if (res.rows.length) {             const error_message = `User with username '$  {username}' is already exist!`;             answer = createResponseByParams({}, false, error_message, '');         }          response.send(answer);     }); }