How to control Password Management from the command line
OverviewThe command line tool "VISULOX pwdmgmt" allows to control password management |
Usage
The following commands are available:
| Command | Description |
|---|---|
expired | List users with an expired password |
| locked | List users which accounts are locked |
| mustchange | List users which have to change their password |
| neverexpires | List users which accounts never expire |
| notify | Notify those accounts which will expire |
| warn | Warn users which have to change their password |
In VISULOX Cockpit, the supervisor is able to reset passwords to a rolled random password for users from a datasource with a password change protocol.
password.notify can have an action script name, which will be triggered to inform the user about the new password.
From the command line the supervisor can retirieve information about the users password states.
If the "VLX Password SelfService" application is assigned, the user can set a password with this Workspace application.
The AD user for the VISULOX / AD connection needs write access with the necessary rights and password.reset set to true.
If visulox datasource edit -name <> pwdprotocol is set to none and the password has to be changed, the user cannot log in and a message is displayed in the login mask, that he has to change his password.
Example
List users with an expired password
visulox pwdmgmt expired
looked Accounts
--------------------------------------------------------------------
| vlxowner | vlxpwdexpiretime | expired since |
--------------------------------------------------------------------
| Frank Miller | 2021-10-12 10:28:43.000 | 140d 02h |
| John Snow | 2021-09-07 15:02:38.000 | 174d 21h |
| Test12 | 2020-07-20 11:00:45.000 | 589d 01h |
--------------------------------------------------------------------