Dan Russo
I've modified the password requirements on my OnDemand instance (Version: 5.5.60(r77643)), and I would like to require all 350 of my users to enter a new password upon login. What is the best way to accomplish this?
0
Comments
Please sign in to leave a comment.
An interesting question. Doing so manually probably doesn't appeal (https://help.xmatters.com/ondemand/index.htm#userguide/commontasks/forcepasswordexpiry.htm). This might involve some kind of database query or just might not be possible - I'll ask someone to chime in on this.
thanks Cameron....yeah, don't want to manually reset 350 users one-by-one. Hopefully there is a way to do it in bulk.
Would changing the Maximum Age under Password Policy to 1 day work? In theory, it would force a reset for all users tomorrow, right? I could then change it back to the 90 days I specified as part of our policy. Only snag might be for users who do not log in tomorrow. Would the expiration apply to all, even if they did not login before the policy was changed again (from 1 day to 90)?
The maximum age approach is interesting, though I think you're right that it depends on whether the environment flags a user upon expiration or upon login once expired. Would changing the passwords in bulk and requiring users to use the Forgot Password steps work? The password itself is exposed to being changed by web services (using UpdateUser: http://onlinedocs.xmatters.com/xmatters-dev-guide/5.1/#webservices/webserviceoperations/wso_updateuser.htm%3FTocPath%3DWeb%2520Services%7CWeb%2520Service%2520Operations%7C_____75) and while I haven't tested out just changing the password and leaving everything else the same I think it can be done and isn't difficult to test. You would just have to iterate against a list of the users you want to change the passwords to.
Hey Dan... I'd advise contacting xMatters support folks (links on the right below).
Hey Dan. I had some very kindly people in QA (well, person) help me out with a little bit of testing, and the way the system works, your idea to change the policy to a one-day expiration would only work for those users that logged in the next day. The system checks the last time each user updated their credentials and compares it to the password policy when the user logs in - there's no system in place for comparing the last credentials update against the password policy when the policy is changed.
(I even tried exporting a list of users and re-importing them with slightly changed details - no dice, I'm afraid. It didn't prompt a password reset.)
thanks everyone.