Welcome to Telelogic Product Support
  Home Downloads Knowledgebase Case Tracking Licensing Help Telelogic Passport
Telelogic DOORS (steve huntington)
Decrease font size
Increase font size
Topic Title: Is there a way to reset a user password through API or DXL
Topic Summary:
Created On: 12-Sep-2007 20:58
Status: Post and Reply
Linear : Threading : Single : Branch
Search Topic Search Topic
Topic Tools Topic Tools
Quick Reply Quick Reply
Subscribe to this topic Subscribe to this topic
E-mail this topic to someone. E-mail this topic
Bookmark this topic Bookmark this topic
View similar topics View similar topics
View topic in raw text format. Print this topic.
 12-Sep-2007 20:58
User is offline View Users Profile Print this message


Dilgeet Badial

Posts: 1
Joined: 27-Apr-2006

Does anyone know how to change user passwords by using a script. Is there an API or a DXL function which can be used to do that?

Thanks
Dilgeet Badial
badial@nortel.com

Report this to a Moderator Report this to a Moderator
 13-Sep-2007 13:59
User is offline View Users Profile Print this message


Kevin Murphy

Posts: 206
Joined: 15-Jul-2005

I haven't tested the below, but it should work:

-------------------------
Kevin Murphy
http://www.baselinesinc.com
The Requirements Management Experts
Report this to a Moderator Report this to a Moderator
 6-May-2008 22:38
User is offline View Users Profile Print this message


Thomas Young

Posts: 20
Joined: 12-Apr-2005

I have a request to provide DXL that will reset passwords for all users, make the password expiration 180 days, and with a minimum length of 8 characters. No problem -- all of these can be done using the setUser perm. The catch is that they also want it to require the users to re-define their password the next time they log in, so that only they know their ultimate password. I've tried some things (like setting the min. pw length to 8 chars w/ initial pw null) but so far no dice. Any ideas? (That DB is still at 7.1.)

Tom in WA
Report this to a Moderator Report this to a Moderator
 7-May-2008 15:10
User is offline View Users Profile Print this message


David Pechacek

Posts: 674
Joined: 5-Dec-2006

Originally posted by: Thomas Young

I have a request to provide DXL that will reset passwords for all users, make the password expiration 180 days, and with a minimum length of 8 characters. No problem -- all of these can be done using the setUser perm. The catch is that they also want it to require the users to re-define their password the next time they log in, so that only they know their ultimate password. I've tried some things (like setting the min. pw length to 8 chars w/ initial pw null) but so far no dice. Any ideas? (That DB is still at 7.1.)



Tom in WA


You could do a database wide trigger that fires whenever they open any module, checks if their password is blank, and if so, pops up a dialog box telling them to enter a new one. There's a few other threads detailing how to hide the input like a password dialog does.

Short of that you'd have to install a startup file on every client to do this check.

-------------------------
David Pechacek
AAI Services Textron
dpechacek@sc-aaicorp.com
David.Pechacek@gmail.com
Report this to a Moderator Report this to a Moderator
 7-May-2008 18:57
User is offline View Users Profile Print this message


Thomas Young

Posts: 20
Joined: 12-Apr-2005

Thanks David. I had not considered a trigger or a startup script -- that's some good outside-the-box thinking. However, my customer has agreed to drop the immediate-password-reset DXL requirement and will just tell the users to change their password the next time they log in to "something only they know." (This is all about their DB changing its Login Policy from "Use system usernames" to "Use passwords," as you may have guessed.)

Tom in WA
Report this to a Moderator Report this to a Moderator
 8-May-2008 00:17
User is offline View Users Profile Print this message


Paul R Miller

Posts: 29
Joined: 16-Feb-2007

Hi Thomas,

I think it's a wise move that your customer has decided to drop the "immediate-password-reset DXL requirement ".

You have to question just exactly what advantage does this give? developing a DXL script that may raise unwanted unforseen side effects and overheads for no major advantage ought to be questioned.

Users have to login to a network domain first before they can login to DOORS. Given that this first layer of security is where the imposition of login policies such as enforced password reset periods and inactivity lock-out periods are usually introduced, it raises the question, what is the advantage of imposing a password reset policy on DOORS? If this was a native feature of DOORS - maybe OK - but it's not.

An alternative is to use the LDAP binding features of DOORS to hook into your networks existing user, groups and authentication LDAP server e.g. Windows Active Directory Server. This will synchronise DOORS login accounts with a users network login account and by virtue will enforce whatever password reset policy has been defined in that LDAP server.

-------------------------
Paul Miller
Specification Practices Specialist
EuroCyber
Melbourne, Australia
Mobile: + 61 (0) 418 135 103
http://www.eurocyber.biz
Report this to a Moderator Report this to a Moderator
 9-May-2008 20:34
User is offline View Users Profile Print this message


Jay Walker

Posts: 5
Joined: 5-Nov-2003

Thomas,

I have the same issue with forcing the user to change password on the next login attempt after DB admin reset. I reported this as an issue to Telelogic (Case 7025704), and they said, "This behavior has changed in the latest version of DOORS 8.3 such that if the Admin leaves the password for a user as blank or something that doesn't meet the DB password rules, the user is prompted to change the password when they attempt to login."

This is NOT how it works in DOORS 8.1. If I change the password to blank, the user can keep using a blank password, which violates all of the rules I have setup in the db properties (minimum characters, letter/numbers/symbols, etc)

I have yet to confirm that it works this way in DOORS 8.3, and will add that to my testing prior to rollout.

Cheers!
Jay

-------------------------
Jay C Walker
Abbott Diagnostics Division
Irving, TX 75018
Report this to a Moderator Report this to a Moderator
 12-May-2008 14:01
User is offline View Users Profile Print this message


Tony Goodman

Posts: 97
Joined: 6-May-2008

Wht not set the user's password to something really long and tedious to type.
They are sure to change it straight away.

-------------------------
Tony Goodman
Smart DXL limited
www.smartdxl.com
Report this to a Moderator Report this to a Moderator
 13-May-2008 16:31
User is offline View Users Profile Print this message


Douglas Zawacki

Posts: 58
Joined: 17-Oct-2006

I like Tony's idea..Throw them a password that is just painful...something like this.
Report this to a Moderator Report this to a Moderator
Statistics
20925 users are registered to the Telelogic DOORS forum.
There are currently 2 users logged in.
The most users ever online was 15 on 15-Jan-2009 at 16:36.
There are currently 0 guests browsing this forum, which makes a total of 2 users using this forum.
You have posted 0 messages to this forum. 0 overall.

FuseTalk Standard Edition v3.2 - © 1999-2009 FuseTalk Inc. All rights reserved.