0 votes

Hello,

I'd like setup a new custom command on the Administrator dashboard that would run the following tasks against a disabled user account simultaneously.

  • Enable their account if its disabled
  • Set a new secure password
  • Modify their user user account so that they are forced to change their password at next login
  • Email the affected user with their new temporary password

I've tried setting up the following custom command but the password value is returning null in the email when using the %unicodePwd% value. Is there a workaround for this?

image.png

by (1.7k points)

1 Answer

0 votes
by (182k points)

Hello,

The %unicodePwd% value reference resolves into a user password only in Business Rules triggering Before/After creating a user, resetting/changing/self-resetting password of a user. In all other cases, the value reference will resolve into an empty value.

To achieve the desired, you can use a value reference based template in the Reset password for the user action (e.g. TempPwd-%firstname,3%%lastname,3%) image.png and use the very same template in the Send email notification action. image.png

0

Thanks for the reply. I tried this out and it seems like the password that generated are too insecure too meet our compliance requirements. For instance, using the template you provided above would result in the password for a user named 'John Doe' to be -

'TempPwd-JohDoe'

How would I go about setting more secure passwords? Is there a better way I should be going about this process?

You mentioned that this value is captured in the resetting/changing/self-resetting password of a user business rule. Would it be possible to modify that business rule to also send an email and re-enable the account if disabled?

+1

Hi sirslimjim,

We are doing similar and use the %adm-RandomString,12% for this purpose. Within a custom command, each time you reference the %adm-RandomString,12% after it is first generated it will be the same.

So if you reset the users password to %adm-RandomString,12% and then send them an email containing %adm-RandomString,12% it will be the same.

Hope this helps,

More info about the string can be found here: http://www.adaxes.com/help/ValueReferences.CalculatedProperties.html

0

Hello,

The approach described by Anton should work just fine. Additionally, you can add special characters to the template (e.g. %adm-RandomString,12%/!&) for the passwords to meet complexity requirements.

If this approach still does not meet your needs, you can move the Send email notification action to a Business Rule triggering After resetting password of a user. As a result, you will be able to use the Generate random complex password option in the Reset user password action of the Custom Command and use the %unicodePwd% value reference to send newly set passwords to users. Enabling the user can remain in the Custom Command, but if you want, it can be done in the Business Rule. Finally, you should have the following:

Custom Command image.png Business Rule image.png

Related questions

0 votes
1 answer

Hi, I followed this example: https://www.adaxes.com/sdk/IAdmTop6.html, but because the Custom Command is disabled, I get the following error message: System.Management.Automation ... if I enable the Custom Command. I am using Adaxes 2018.2 Best Regards Martin

asked Feb 19 by Martin (280 points)
0 votes
1 answer

Hello We are using the script you created for us to upload the employees photo based on their employee ID which works fantastic. The script is below: $picturePath = "picture path" # ... I am missing something obvious but can't see how to do it :? Thank you.

asked Jan 9, 2015 by CBurn (3.3k points)
0 votes
1 answer

I am trying to create a web form for HR that only collects the info from the Create User form and emails the info to the helpdesk. I have seen some other examples of form ... submit for approval, but that is not what I am trying to do. Any ideas? Thanks,

asked Feb 7, 2018 by Jasonmh (2.8k points)
0 votes
1 answer

We are trying to get a scheduled task to run every Friday night at 10:00pm to pull the users needed to be fully deprovisioned by the custom command we have created.

asked Dec 2, 2016 by willy-wally (14.9k points)
0 votes
1 answer

Our Help Desk currently 'mirrors' the group membership of a new user based on another existing user in our AD. I'd like to be able to automate this so that the initiator ... and 'paste' it on the new user being created. Any help on this would be appreciated!

asked Apr 21 by RayBilyk (480 points)
2,251 questions
2,009 answers
5,496 comments
23,497 users