EPIC new user password changes for xMatters On-Demand 5.5.60

Summary: 

When the EPIC tool creates new users in xMatters On-Demand, they are assigned random passwords instead of the less-secure passwords generated by the legacy algorithm. New users logging on to xMatters for the first time must go through the Forgot Password workflow to reset their password before they can access xMatters.   
 
If you do not take action, your company's deployment will use the new algorithm when it is upgraded to xMatters On-Demand 5.5.60. However, you can continue to use the legacy algorithm to assign new passwords, if required, by setting the forceNewPasswordReset flag to N in the EPIC client manifest file. This issue only affects new users created by the EPIC tool in ZipSync mode and does not affect users created by other methods, including CloudSync or the xMatters user interface.
 
The old behaviour (5.5.59 and earlier):
New users added by the EPIC tool had their initial passwords set using the legacy algorithm. This password could be communicated to them directly, and they could use it to log on to xMatters for the first time.
 
The new behaviour (5.5.60 and later):
New users added by the EPIC tool are assigned random passwords. To access xMatters, they must click the Forgot Password link on the log-on screen and go through the workflow of resetting their password. If they do not have any devices configured, their supervisor must reset their password for them.
 
How can I preserve the legacy password algorithm?
You may want to temporarily preserve the legacy password generation algorithm while your organization adjusts to the new workflow. To do this, edit manifest.xml file, add the forceNewPasswordReset flag, and set its value to N. For more information about working with the EPIC manifest file, see https://help.xmatters.com/epic/#InstallAdmin/EPICAutoSync/manifest_file.htm.
 
Do I need to download the latest EPIC client, or can I use an older version?
You do not need to download the latest EPIC client. You can add the forceNewPasswordReset flag to an existing manifest file of your current EPIC client.
 
Do I need to edit the manifest.xml file if I want to use the new random passwords?
No. If the forceNewPasswordReset flag is not included in the manifest.xml file, then it defaults to Y. You only need to edit the manifest.xml file if you want to keep using the legacy algorithm.
 
Can I add this flag to the manifest file before my xMatters On-Demand is upgraded to 5.5.60?
Previous versions of xMatters will ignore this flag.  You can add the forceNewPasswordReset flag to the manifest.xml file before your system is upgraded to 5.5.60. 
 
What happens if the user has no devices configured? 
Their supervisor must set their password for them.
 
Where is the Forgot Password link?
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk