They IT department was "inventive". To facilite the lookup of lost student passwords, they stored them in the job description field of the user—in plain text!
We had to use Citrix clients for internet access on campus. There was a limited number of applications we could run and a network share where we could store our files. So a friend and I came up with this:
- Upload mirc.exe to some free webspace from home.
- Enter URL to the uploaded executable in Internet Explorer and run it.
- Open the Microsoft Management Console with
- Load the user list and customize the view to show username and job description.
- Export to CSV.
- Send to self via webmail.
Yes indeed, a student could access all user information in Active Directory (but not edit it though).
This worked for at least four years to get all student usernames and passwords. Those credentials were used to make reservations for the Citrix terminals and log in to them. They were also used to access our college mailbox. You know, the one we had to use for all official communication with teachers and board.
We never did the latter. However, we have used it to reserve extra time on the terminals because there was a 2 hour per day and 8 hour per week limit. That is until we found out that you could delete a reservation, even if it was in the past, and that it got subtracted from your total usage, even if you had used up the time.