Hello everyone! Iβd like to create a workflow which resets a user password via LDAP plugin. The new password should be a random generated one (including letters, numbers, special characters). Has anyone a code snippet for that?
Here is a Python script that should work
def run(params={}):
import string
import secrets
d = ββ
char = (string.ascii_lowercase,
string.ascii_uppercase,
string.digits,
[β!β,β@β,β?β,β^β,β=β,β(β,β)β,β%β,β*β,β<β,β>β])
for i in range(secrets.choice(range(12,15))):
b = secrets.choice(char)
d += secrets.choice(b)
final = {βpasswordβ:d}
return final
I donβt do this because any way to do it there will be a log of the password in the Job.
What I did was set a 32 character random password in the Step, then I force the user to change the password at next logon. That way no one knows the password and the user is instructed to do a password reset using our self service portal that requires MFA.
We did something similar when I was a customer. Our workflow generated the random password and used that in the password field to reset it. The user would have to call the service desk and reset the password again to actually get in.