
Custom workflow - email user random generated password

 Hello guys,

 

I have just recently installed One Identity Password Manager version 5.7.0.1525 in our test environment. We see that the existing workflows cannot apply to our situation, and we need to create a new simple custom workflow. We are looking for a self-service portal for our users where they can simply reset their password.

 

The workflow should consist of a user searching for his AD user and then choosing the custom "Password email reset" workflow; a randomly generated password is set on the user account in AD (in addition: "user must change password at next logon" is checked), and an email is sent to the user with the password.

 

The best would be to email the user a link which he then accesses and sets a new password, like the way Facebook, Gmail, etc. do it. Is this possible? :)

 

Best regards

Bilal

  • Thank you for the help. However, I have tried to hard-code both the $domain and $user as it's defined in the
    $user = $global.GetUserByName($connection, $userName, [string[]]("objectGUID", "mail"))

    However, I have been trying to find out what the in-process variables are for the "logged in user", for instance domain, user name, mail, etc. I am just trying to make this code work so I have a proof of concept with Dell One Password Manager. :)

    I appreciate your help so far.

    Here is my code until now:

     ---
    #Passcode length
    $PASSCODE_LENGTH = 12

    #Passcode lifetime in minutes
    $PASSCODE_LIFETIME = 1440 #(1 day)

    #Uncomment these lines to send e-mail to a user, if he has e-mail address
    #Variable $PASSCODE will contain user's passcode, all other variables are available too
    #(single quotes keep $PASSCODE literal here; ExpandString() below substitutes it)
    $EMAIL_SUBJECT = 'Passcode'
    $EMAIL_BODY = 'Your passcode is $PASSCODE'

    $domain = 'my.domain.com'

    #Obtain Password Manager connection to the specified domain
    $connection = $global.GetDirectoryConnectionByName($domain)

    #If there is none, throw an exception
    if ("$connection" -eq "") {
        throw "Connection to domain $domain not found in Password Manager!"
    }

    #Look up the user; 'testuser' is a hard-coded placeholder for the proof of concept
    $userName = 'testuser'
    $user = $global.GetUserByName($connection, $userName, [string[]]("objectGUID", "mail"))

    #Obtain user's GUID
    $userId = $user.objectGUID

    #Generate a passcode for a user
    $PASSCODE = $global.GeneratePasscode($PASSCODE_LENGTH)

    #Assign passcode to a user
    $global.QAProfileAssignPasscode($connection, $userId, $PASSCODE, $PASSCODE_LIFETIME)

    if ($EMAIL_SUBJECT -ne "" -and $EMAIL_BODY -ne "")
    {
        #Send e-mail with passcode, if user has an e-mail address
        #(string interpolation also treats a missing mail attribute as empty)
        if ("$($user.mail)" -ne "")
        {
            $subject = $ExecutionContext.InvokeCommand.ExpandString($EMAIL_SUBJECT)
            $body = $ExecutionContext.InvokeCommand.ExpandString($EMAIL_BODY)

            #Address the message to the mail attribute read from the user object
            $global.EmailUserHtml($user.mail, $subject, $body)
        }
        else
        {
            $log += "User account has no mail, will not send e-mail with passcode"
        }
    }
    ---
    Kind regards
    Bilal
