trident icon indicating copy to clipboard operation
trident copied to clipboard
verified publisher icon tridentli

Resetting a user's passwd seems overly difficult

Open morrowc opened this issue 8 years ago • 5 comments

In previous incarnations an admin (sysadmin) could reset a user's passwd either:

  1. directly (set passwd to foo)
  2. reset the user's passwd to nil && wait for automated/random passwd generation and nominator contact

Note that knowing the user's identify in the portal was limited to: "wikiname" not "email address" previously, this seems to have changed in the trident system to "email address" maybe.

These seem fine, or they worked well enough. In today's trident deployment the process, as I read it is:

  1. be an admin of a TG (or sysadmin) 2a) poke through the webui and reset each user in turn to a random passwd emailed to the nominator 2b) poke through the webui to the 'cli' in the webui ... (or use the cli on a portal host directly) to: login (*) admin yourself (swapadmin) user password reset username nominator In some cases the nominator doesn't have gpg, so I'm unclear where the passwd would be sent... if at all? I'd like to be able to reset the passwd to a known-text, and tell the nominator what that text is?

This looks interesting: batch Run a batch script (sysadmin level username/password required for non-sysadmin logged in users)

but there aren't any docs on it's usage? What's the sane way to reset ~12 users at a time? :)

*: Why do I pass my userid, passwd and token on the command line? the data is then in logs and available to anyone who's watching 'ps' output, right? that seems extra uncool.

morrowc avatar Jan 23 '17 18:01 morrowc

For sysadmin it's now

CLI: user password set $type $username $password

bapril avatar Jan 27 '17 20:01 bapril

At Fri, 27 Jan 2017 12:07:11 -0800, bapril [email protected] wrote:

[1 <text/plain; UTF-8 (7bit)>] For sysadmin it's now

CLI: user password set $type $username $password

'computer says no'

[email protected]:~$ tcli user password set NewPassword An error occured: Not enough arguments for 'user password set' (got 2, need at least 3)

tcli user password set portal

works though :) I'll get 's passwd to him shortly.

-- You are receiving this because you authored the thread. Reply to this email directly or view it on GitHub: https://github.com/tridentli/trident/issues/64#issuecomment-275761565 [2 <text/html; UTF-8 (7bit)>]

morrowc avatar Jan 27 '17 21:01 morrowc

did you "tcli system swapadmin" after login?

bapril avatar Jan 27 '17 21:01 bapril

I did swapadmin, yes.

morrowc avatar Jan 27 '17 21:01 morrowc

I have found that

CLI: user password set $type $username $password

Does not work, but

CLI: user password set $type $username $password $password

Does :)

(note you have to repeat the $password).

NB: This only works PROVIDING that $password complies with the minimum standards for the platform as set in System/Settings if password rules are enforced.

$type = portal

stewrg avatar Jun 14 '17 08:06 stewrg