Password reset parameter


#1

I am able to create users from the CLI using:
/usr/sbin/univention-directory-manager users/user create
–position “cn=users,dc=mcnc,dc=intranet”
–set username="$username"
–set firstname="$FN"
–set lastname="$LN"
–set mailPrimaryAddress="$email"
–set password="$password"
And am able to use the gui to set PasswordRecoveryEmail. Password recovery works fine (this is standalone UCS - no AD).
Is there a way of populating PasswordRecoveryEmail field from the CLI? Or using mailPrimaryAddress for password reset instead of PasswordRecoveryEmail?


#2

It is:

udm .... --set PasswordRecoveryEmail=troeder@univention.de

If you run the UDM cli with just the module name as argument, it lists the available actions as well as the known attributes:

[code]udm users/user

[…]

Password recovery:
PasswordRecoveryMobile Mobile number
PasswordRecoveryEmail Email address
[/code]

To use the mailPrimaryAddress you have to use the “external” method. You’d have to write a program that gets its information through environment variables. You can copy /usr/share/pyshared/univention/management/console/modules/passwordreset/sending/send_with_external.py to /usr/local/bin and edit it to your needs. Then set umc/self-service/passwordreset/external/command, umc/self-service/passwordreset/external/udm_property and the other umc/self-service/passwordreset/external/… UCR variables.
The external method currently has one major drawback: the user cannot edit her contact data like with the “email” and “sms” methods.

Using mailPrimaryAddress may also be problematic, because it usually has to be the mail address hosted by a UCS mail system. But access to that mailbox may not be possible to the user if the password has been forgotten.

Greetings
Daniel Tröder