Open morrowc opened 7 years ago
For sysadmin it's now
CLI: user password set $type $username $password
At Fri, 27 Jan 2017 12:07:11 -0800, bapril notifications@github.com wrote:
[1 <text/plain; UTF-8 (7bit)>] For sysadmin it's now
CLI: user password set $type $username $password
'computer says no'
morrowc@portal.usa3:~$ tcli user password set
tcli user password set portal
works though :) I'll get
-- You are receiving this because you authored the thread. Reply to this email directly or view it on GitHub: https://github.com/tridentli/trident/issues/64#issuecomment-275761565 [2 <text/html; UTF-8 (7bit)>]
did you "tcli system swapadmin" after login?
I did swapadmin, yes.
I have found that
CLI: user password set $type $username $password
Does not work, but
CLI: user password set $type $username $password $password
Does :)
(note you have to repeat the $password).
NB: This only works PROVIDING that $password complies with the minimum standards for the platform as set in System/Settings if password rules are enforced.
$type = portal
In previous incarnations an admin (sysadmin) could reset a user's passwd either: 1) directly (set passwd to foo) 2) reset the user's passwd to nil && wait for automated/random passwd generation and nominator contact
Note that knowing the user's identify in the portal was limited to: "wikiname" not "email address" previously, this seems to have changed in the trident system to "email address" maybe.
These seem fine, or they worked well enough. In today's trident deployment the process, as I read it is: 1) be an admin of a TG (or sysadmin) 2a) poke through the webui and reset each user in turn to a random passwd emailed to the nominator 2b) poke through the webui to the 'cli' in the webui ... (or use the cli on a portal host directly) to: login (*) admin yourself (swapadmin) user password reset username nominator In some cases the nominator doesn't have gpg, so I'm unclear where the passwd would be sent... if at all? I'd like to be able to reset the passwd to a known-text, and tell the nominator what that text is?
This looks interesting: batch Run a batch script (sysadmin level username/password required for non-sysadmin logged in users)
but there aren't any docs on it's usage? What's the sane way to reset ~12 users at a time? :)
*: Why do I pass my userid, passwd and token on the command line? the data is then in logs and available to anyone who's watching 'ps' output, right? that seems extra uncool.