How to Force All Users to Change Their Password
概要
Crowd currently does not have a feature for administrators to force all of the users or users from a specific directory to change their password. In order to force a user to change their password, Crowd administrators have to do the following for each user:
- Navigate to Users
- Find the user
- Select 'Attributes'
- Set
requiresPasswordChange
parameter to "True".
As you can see, following the steps above for every user can get tedious. There is a feature request created for this at CWD-3332 - Getting issue details... STATUS , but in the meantime, you can set requiresPasswordChange
to "True" for all users via the database by following the steps below.
手順
- Create a database backup of your Crowd instance, as a safety precaution
Execute the following SQL and take note of the directory ID that the newly imported users were imported from:
SELECT * FROM cwd_directory;
Using the the directory ID, execute the following SQL query:
(!) This will force all users from the directory to change their passwordUPDATE cwd_user_attribute SET attribute_value = 'true' WHERE attribute_name = 'requiresPasswordChange' AND directory_id = <INSERT DIRECTORY ID>;
(!) This query will force password change only for users of the given groupUPDATE cwd_user_attribute SET attribute_value = 'true' WHERE attribute_name = 'requiresPasswordChange' AND directory_id = <INSERT DIRECTORY ID> AND user_id IN ( SELECT u.id FROM cwd_membership m JOIN cwd_group g ON m.parent_id = g.id JOIN cwd_user u ON m.child_id = u.id WHERE g.group_name = '<INSERT GROUP NAME>' );
Once the SQL is executed, users will be prompt to change their password via the Crowd Console
Note: This solution only applies to users in the Crowd Internal Directory who log into Crowd. This solution does not apply to users who are part of an external directory or to any user synchronized to a client application of Crowd.