Feature #43930
mgr/dashboard: Make user creation with password change on logon easier
0%
Description
After #24655 has been resolved, I can create a new user without a password an check "User must change password at next logon".
But I can't click the logon button without typing a password, but the user has no password as it should be set on next logon.
There are 3 ways to solve this:
1. Enable logon without a password
2. Enable passwords without password rule if the user has to change his PW anyway on his first logon according to the rules.
3. Button to automatically generate a password that complies with the rules and copy into to the clipboard.
History
#1 Updated by Volker Theile about 4 years ago
Keep the password policies in mind. This might make this issue a little bit more complicated.
#2 Updated by Tatjana Dehler about 4 years ago
I do have a question... maybe it's a dump one: what's the purpose of creating an user without password? - I thought it's only used for SSO?
#3 Updated by Stephan Müller about 4 years ago
If you just check "User must change password at next logon" you might be attempted to create a user with no password with the idea in mind that the new user can logon to the password change dialog in order to set his password, and you are allowed to create a user without a password, but you can't login.
#4 Updated by Lenz Grimmer almost 4 years ago
- Tags set to administration
- Target version deleted (
v15.0.0)
#5 Updated by Tatjana Dehler almost 4 years ago
Stephan Müller wrote:
If you just check "User must change password at next logon" you might be attempted to create a user with no password with the idea in mind that the new user can logon to the password change dialog in order to set his password, and you are allowed to create a user without a password, but you can't login.
I think that's a combination of two different use cases. I don't think it was intentional to create a user without a password and forcing him to change the password at the next login. The possibility to create users without passwords serves the SSO use case. In my opinion this issue should be fixed by disabling the "User must change password at next logon" checkbox as long as no password has been set.
#6 Updated by Stephan Müller almost 4 years ago
Tatjana Dehler wrote:
Stephan Müller wrote:
If you just check "User must change password at next logon" you might be attempted to create a user with no password with the idea in mind that the new user can logon to the password change dialog in order to set his password, and you are allowed to create a user without a password, but you can't login.
I think that's a combination of two different use cases. I don't think it was intentional to create a user without a password and forcing him to change the password at the next login. The possibility to create users without passwords serves the SSO use case. In my opinion this issue should be fixed by disabling the "User must change password at next logon" checkbox as long as no password has been set.
Then you prefer the third option? Adding a button that generates a password that suites the rules and add a copy to clipboard button to it (+disabling the checkbox until a password is set)?
#7 Updated by Ernesto Puerta almost 3 years ago
- Project changed from mgr to Dashboard
- Category changed from 150 to Component - Users & Roles