Layton ServiceDesk - Workarounds - Global Reset User Password
m (Removed erroneous string "It is hard-coded as ''mib''." This looks like a broken feature.) |
m (Moved "Limitations" section) |
||
(8 intermediate revisions by one user not shown) | |||
Line 1: | Line 1: | ||
<p align="right">[[File:btn_back_up.png|link=User Guide for Layton ServiceDesk]] [[User Guide for Layton ServiceDesk|<u>Back to Contents</u>]]</p> | <p align="right">[[File:btn_back_up.png|link=User Guide for Layton ServiceDesk]] [[User Guide for Layton ServiceDesk|<u>Back to Contents</u>]]</p> | ||
=Overview= | =Overview= | ||
− | There is currently no way to define a default password for | + | There is currently no way to define a default password for user accounts. It is possible to reset all the user passwords to a different string or even blank. |
The technique is to run queries in SQL Server Management Studio. Back up your database prior to running any queries. | The technique is to run queries in SQL Server Management Studio. Back up your database prior to running any queries. | ||
+ | |||
+ | ==Limitations== | ||
+ | While this technique is an effective way to change all passwords in one operation, new accounts, created either by LDAP import or manually, will have a NULL password (empty string). You would have to run the query again from time to time. A SQL trigger could be devised to run it on a schedule or change the password immediately on creation of a new account. These advanced techniques are beyond the scope of this article and the responsibility of the database administrator should development of such a mechanism be conducted. | ||
=Queries= | =Queries= | ||
− | ==Change All Passwords to the Same String== | + | ==Analyst== |
+ | ===Change All Passwords to the Same String=== | ||
+ | This technique will change all Analyst passwords to one of your choosing. Passwords are stored as hashed values. We get the hashed value by manually changing a password in the Layton ServiceDesk interface to get a known value. | ||
+ | |||
+ | 1. Log into Layton ServiceDesk as an administrator. | ||
+ | |||
+ | 2. Change the password of an Analyst to the desired string. Note the username. | ||
+ | |||
+ | 3. Open SQL Server Management Studio. | ||
+ | |||
+ | 4. Run this query to get the hashed value of the password. Substitute the Analyst username for ''ANALYSTUSERNAME'': | ||
+ | |||
+ | SELECT sys_userpwd | ||
+ | |||
+ | FROM [user] | ||
+ | |||
+ | WHERE sys_username = 'ANALYSTUSERNAME' | ||
+ | |||
+ | 5. Copy the hashed password value and enter it in place of ''NEWSTRING'' below. | ||
+ | |||
+ | UPDATE [user] | ||
+ | |||
+ | SET sys_userpwd = NEWSTRING | ||
+ | |||
+ | 6. Note there are no apostrophes around the password string. For the password ''mib'', this would be: | ||
+ | |||
+ | UPDATE [user] | ||
+ | |||
+ | SET sys_userpwd = 0x02000C6AB1C7516CCA217091568413FD0581432EB5E1FC22538C5979C247820311FDF276B9FE772F47F7F5470B23C1495DF3E35966D6709CC9AE4490376AE407297D0151F27D | ||
+ | |||
+ | ===Delete All Passwords=== | ||
+ | Use this query to delete all the passwords (password will be blank): | ||
+ | |||
+ | UPDATE [user] | ||
+ | |||
+ | SET sys_userpwd = NULL | ||
+ | |||
+ | ==End User== | ||
+ | ===Change All Passwords to the Same String=== | ||
This technique will change all end-user passwords to one of your choosing. Passwords are stored as hashed values. We get the hashed value by manually changing a password in the Layton ServiceDesk interface to get a known value. | This technique will change all end-user passwords to one of your choosing. Passwords are stored as hashed values. We get the hashed value by manually changing a password in the Layton ServiceDesk interface to get a known value. | ||
1. Log into Layton ServiceDesk as an administrator. | 1. Log into Layton ServiceDesk as an administrator. | ||
− | 2. Change the password of an | + | 2. Change the password of an End User to the desired string. Note the username. |
3. Open SQL Server Management Studio. | 3. Open SQL Server Management Studio. | ||
Line 17: | Line 58: | ||
4. Run this query to get the hashed value of the password. Substitute the end user username for ''ENDUSERNAME'': | 4. Run this query to get the hashed value of the password. Substitute the end user username for ''ENDUSERNAME'': | ||
− | SELECT sys_euserpwd | + | SELECT sys_euserpwd |
− | FROM euser | + | FROM euser |
− | WHERE | + | WHERE sys_eusername = 'ENDUSERNAME' |
5. Copy the hashed password value and enter it in place of ''NEWSTRING'' below. | 5. Copy the hashed password value and enter it in place of ''NEWSTRING'' below. | ||
− | UPDATE euser | + | UPDATE euser |
− | SET sys_euserpwd = NEWSTRING | + | SET sys_euserpwd = NEWSTRING |
6. Note there are no apostrophes around the password string. For the password ''mib'', this would be: | 6. Note there are no apostrophes around the password string. For the password ''mib'', this would be: | ||
− | UPDATE euser | + | UPDATE euser |
− | SET sys_euserpwd = 0x02000C6AB1C7516CCA217091568413FD0581432EB5E1FC22538C5979C247820311FDF276B9FE772F47F7F5470B23C1495DF3E35966D6709CC9AE4490376AE407297D0151F27D | + | SET sys_euserpwd = 0x02000C6AB1C7516CCA217091568413FD0581432EB5E1FC22538C5979C247820311FDF276B9FE772F47F7F5470B23C1495DF3E35966D6709CC9AE4490376AE407297D0151F27D |
− | ==Delete All Passwords== | + | ===Delete All Passwords=== |
Use this query to delete all the passwords (password will be blank): | Use this query to delete all the passwords (password will be blank): | ||
− | UPDATE euser | + | UPDATE euser |
− | SET sys_euserpwd = NULL | + | SET sys_euserpwd = NULL |
− | + | ||
− | + | ||
− | + | ||
=Feature Request= | =Feature Request= | ||
− | A feature request to add a setting to allow for a default | + | A feature request to add a setting to allow for a default user password has been lodged. No estimate can be given as to when such a feature might become available. |
<p align="right">[[File:btn_back_up.png|link=User Guide for Layton ServiceDesk]] [[User Guide for Layton ServiceDesk|<u>Back to Contents</u>]]</p> | <p align="right">[[File:btn_back_up.png|link=User Guide for Layton ServiceDesk]] [[User Guide for Layton ServiceDesk|<u>Back to Contents</u>]]</p> |
Latest revision as of 05:49, 31 July 2019
Contents |
[edit] Overview
There is currently no way to define a default password for user accounts. It is possible to reset all the user passwords to a different string or even blank.
The technique is to run queries in SQL Server Management Studio. Back up your database prior to running any queries.
[edit] Limitations
While this technique is an effective way to change all passwords in one operation, new accounts, created either by LDAP import or manually, will have a NULL password (empty string). You would have to run the query again from time to time. A SQL trigger could be devised to run it on a schedule or change the password immediately on creation of a new account. These advanced techniques are beyond the scope of this article and the responsibility of the database administrator should development of such a mechanism be conducted.
[edit] Queries
[edit] Analyst
[edit] Change All Passwords to the Same String
This technique will change all Analyst passwords to one of your choosing. Passwords are stored as hashed values. We get the hashed value by manually changing a password in the Layton ServiceDesk interface to get a known value.
1. Log into Layton ServiceDesk as an administrator.
2. Change the password of an Analyst to the desired string. Note the username.
3. Open SQL Server Management Studio.
4. Run this query to get the hashed value of the password. Substitute the Analyst username for ANALYSTUSERNAME:
SELECT sys_userpwd FROM [user] WHERE sys_username = 'ANALYSTUSERNAME'
5. Copy the hashed password value and enter it in place of NEWSTRING below.
UPDATE [user] SET sys_userpwd = NEWSTRING
6. Note there are no apostrophes around the password string. For the password mib, this would be:
UPDATE [user] SET sys_userpwd = 0x02000C6AB1C7516CCA217091568413FD0581432EB5E1FC22538C5979C247820311FDF276B9FE772F47F7F5470B23C1495DF3E35966D6709CC9AE4490376AE407297D0151F27D
[edit] Delete All Passwords
Use this query to delete all the passwords (password will be blank):
UPDATE [user] SET sys_userpwd = NULL
[edit] End User
[edit] Change All Passwords to the Same String
This technique will change all end-user passwords to one of your choosing. Passwords are stored as hashed values. We get the hashed value by manually changing a password in the Layton ServiceDesk interface to get a known value.
1. Log into Layton ServiceDesk as an administrator.
2. Change the password of an End User to the desired string. Note the username.
3. Open SQL Server Management Studio.
4. Run this query to get the hashed value of the password. Substitute the end user username for ENDUSERNAME:
SELECT sys_euserpwd FROM euser WHERE sys_eusername = 'ENDUSERNAME'
5. Copy the hashed password value and enter it in place of NEWSTRING below.
UPDATE euser SET sys_euserpwd = NEWSTRING
6. Note there are no apostrophes around the password string. For the password mib, this would be:
UPDATE euser SET sys_euserpwd = 0x02000C6AB1C7516CCA217091568413FD0581432EB5E1FC22538C5979C247820311FDF276B9FE772F47F7F5470B23C1495DF3E35966D6709CC9AE4490376AE407297D0151F27D
[edit] Delete All Passwords
Use this query to delete all the passwords (password will be blank):
UPDATE euser SET sys_euserpwd = NULL
[edit] Feature Request
A feature request to add a setting to allow for a default user password has been lodged. No estimate can be given as to when such a feature might become available.