0 votes

Hi,

Is there a way to trigger the execution of a script when a user requests a password reset?

Thanks!

by (950 points)
0

Hello,

What exactly do you mean 'requests a password reset'? Do you mean when users reset their password via Adaxes Self-Service Password Reset or when they request someone, like helpdesk guys, to reset the password for them? Can you describe your task in more detail?

0

Sure - specifically I mean when an end user requests a password reset themselves via the web interface. We use an SMS service that is not directly supported by your product, but is easily scripted from Python, etc. I would just need something to launch it when needed.

Thanks,

1 Answer

0 votes
by (220k points)
selected by
Best answer

Hello Brad,

Have a look at the following tutorial: http://www.adaxes.com/tutorials_SelfSer ... dReset.htm.

On step 4 of the tutorial select Run a program or a PowerShell script, enter a short description and paste your script into the Script field.

0

Thank You! That is exactly what I was looking for. I appreciate it.

0

One additional question:

Is the verification code something that can be accessed and passed to a script, rather than through the native "send by" SMS or Email options?

For example, in that section, the message example is like this:

Verification code: %verificationcode%

Thanks!

0

Hello,

No, you cannot get the verification code in scripts. The %verificationcode% value reference is resolved correctly only when the code is sent to a user using Adaxes built-in Send SMS functionality, otherwise it returns an empty string.

Could you provide us with more details on your difficulties with using the built-in functionality? Which peculiarities of your SMS provider do not allow you to use it?

0

Sure. We use Twilio.

After reading SMS over http

I was hoping for a more elegant solution, specifically mentioned in option 2.

Thanks!

0

Hello Brad,

The thing is that option 2 works only for sending regular SMS notifications for users, such as reminders to change their password in time or an SMS to new users with initial passwords to their AD accounts. However, this will not work for sending SMS verification codes in the Self-Service Password Reset process.

Actually, as far as we know, Twilio has a Rest API for sending SMS. Soon we are going to release a new version of Adaxes that will support sending SMS via Rest API. We are going to add a range of SMS gateway providers with predefined Rest API settings, and we even thought on adding Twilio. However, we could not make Twilio work even with the test code samples they provide on the site. For some reason, their Rest API doesn't accept the authentication tokens generated for our test account, and Twilio Support didn't provide any help in resolving the issue :( Thus, we couldn't even verify that their API works as declared.

0

I certainly appreciate your efforts on this subject.

0

The support for sending SMS messages via RESTful APis was added in Adaxes 2017.1. For details, see Configure SMS Settings. You can download the latest build here.

Upgrade Instructions

What's New

0

Hello,

However, we could not make Twilio work even with the test code samples they provide on the site. For some reason, their Rest API doesn't accept the authentication tokens generated for our test account, and Twilio Support didn't provide any help in resolving the issue :( Thus, we couldn't even verify that their API works as declared.

After some research, we managed to find a way how to integrate Adaxes with Twilio. If you want to use Twilio as SMS provider in Adaxes:

  1. Go to the Twilio Console home page (https://www.twilio.com/console) and copy your Account SID, Auth Token and the Twilio Phone Number that will be used to send SMS messages in Adaxes.

  2. Copy the following PowerShell script and save it to your hard disk with the PS1 extension, for example, getAuthString.PS1.

     $sid = "Abcdef1234" #TODO: modify me
     $token = "ghij5678" #TODO: modify me
    
     $bytes = [System.Text.Encoding]::UTF8.GetBytes($sid+":"+$token)
     $authString = [Convert]::ToBase64String($bytes)
    
     Write-host "Your Authentication String is:"
     Write-Host $authString
    
  3. In the script, change the following:

    • $sid - specify your Account SID.
    • $token - specify your Auth Token.

    When done, save the changes.

  4. Run Windows PowerShell. To do this, press Win+R, type powershell.exe and click OK.

  5. Navigate to the folder where you saved the script. For example, if you saved it to C:\Scripts, type

     cd C:\Scripts
  6. Run the script, for example, by executing the following line:

     .\getAuthString.PS1
  7. Copy the Authentication String provided by the script.

  8. Launch Adaxes Administration Console.

  9. In the Console Tree, right-click your Adaxes Service node and select Properties.

  10. Activate the SMS Settings tab.

  11. Activate the Enable SMS option.

  12. Enter the following settings and click OK:

  • Gateway:

      HTTP to SMS
  • URL:

      https://api.twilio.com/2010-04-01/Accounts/<AccountSID>/Messages

    where <AccountSID> is your Account SID you copied on step 1.

  • Method:

      HTTP POST
  • Header:

      Content-Type: application/x-www-form-urlencoded
      Authorization: Basic <AuthenticationString>

    where <AuthenticationString> is the Authentication String you copied on step 7.

  • Body:

      Body=%smstext%&To=%%2b%mobilenumber%&From=%%2b<FromTelephoneNumber>

    where <FromTelephoneNumber> is the Twilio Phone Number you copied on step 1.

0

Starting from Adaxes 2017.2, Twilio has been added as a predefined SMS provider in Adaxes. You can download the latest build here.

Upgrade Instructions

What's New

Related questions

0 votes
1 answer

Hi Team, We would like to use security based questions and answers for password resets. I have found that we can force a user to answer certain questions when enrolling, but if ... . Is there a way to ensure that a question must be answered each time? Thanks,

asked May 19, 2020 by antondubek (440 points)
0 votes
0 answers

All, This may be somewhat of a generic question, but I've looked through a majority of the Self Service Password reset documentation and can't really find a definitive answer. ... the "PssEnroll.aspx" page and all I can do is answer my questions once again.

asked Sep 7, 2017 by Ben.Burrell (490 points)
0 votes
1 answer

Hi Forum, We want to implement an Approval Process for joining a Group within Self Service. 1. Create a new Action in Webinterface processed on the current User 2. Filter ... t have the permission. Is there a way to get this running? Thanks &amp; cheers

asked Jun 9, 2015 by esoAdxAdmin (650 points)
0 votes
1 answer

Is there anyway we can get an Adaxes administrator to be able to access the security the questions and answers from the “Password Self-Service Policies” portal for our users?

asked Feb 17 by JoeG (40 points)
0 votes
1 answer

Hello! We're using Duo for MFA on Windows 10 logins and understand this creates a new credential provider in Windows along side Adaxes' Password Self Service (PSS) credential ... 2FA with a Auth app or SMS code along with questions/answers. Thank you, Kyle

asked Feb 8 by KyleCascade (20 points)
2,740 questions
2,474 answers
6,475 comments
1,372,230 users