How to (re)enable self service invitation feature

In UCS, when a user is created with Locked Login applied (a set PasswordRecoveryEmail and pwdChangeNextLogin=1) the listener module selfservice-invitation.py in cooperation with a daemon will send an invitation email to the user.
In UCS@school this automatism is most likely not desired.

The self service invitation is controlled by the UCR-variable umc/self-service/invitation/enabled, which is set to false by default on UCS@school systems. This feature is controlled by the UDM policy send_self_service_invitation.

If desired, the self-service invitation can be reenabled by modifying this policy. Policies can be modified in the UMC as described in the manual or by using the command line interface.

Example:

DN="cn=send_self_service_invitation,cn=policies,$(ucr get ldap/base)"
udm policies/registry modify --dn "$DN" --set registry="umc/self-service/send_self_service_invitation/enabled true"

If you decide to create another policy at this position with the same name, it will not be modified. Policies with different names, which set the same values are ignored.

1 Like
Mastodon