Jump to content

cryan

Members
  • Content count

    9
  • Joined

  • Last visited

  1. Authentication Options Policy

    Doh! I skimmed right over that earlier today searching for this feature. Thank you for sharing!
  2. Currently there does not appear to be a way to require that users use a certain kind of authentication method to log in to Passwordstate. Users are free to adjust their authentication options at any time in user preferences. You can create a system wide setting in administration that becomes the default option for all users, but users can still go in and change their settings. We would like for all users to be authenticated with AD and google two factor, but as employees discover they can turn off the 2 factor option for their account, they turn it off. Would it be possible to add a feature in the future that would allow administrators to enforce authentication method through a policy of some sort? Thanks
  3. Oh, sorry for the miscommunication. When I said [Password] I was referring to the title of the password entry in Passwordstate, not the password itself. Thanks!
  4. Mobile App - Multiple Changes

    I just came to the forum to request the exact features that DavidRa mentioned. I'm leaving a comment here to indicate my support.
  5. Oracle Password Verify/Reset

    I really appreciate the clarification. Thanks for the help.
  6. Oracle Password Verify/Reset

    Thanks for the response. Filling in the Database Instance field did solve this particular issue. I'm still struggling to get this script to work properly, however. I noticed that it requires a privileged account credential in order to run. While the script requires that it is passed a privileged credential from Passwordstate when it is run, a privileged credential is not necessary to update the password for the account on the database. The user account contained in the record I'm trying to do the password reset on is perfectly capable of doing an 'alter user user identified by password' and updating it's own password. It seems preferable to me that you would use a user account to change its own password, rather than having a separate account with a static password to change it. There doesn't seem to be a way to do this using the inbuilt script, though. If you set the privileged account credential to be the same as the password record you are trying to change, the password isn't changed when the reset script runs, even though the script reports that the password was changed. And I'm not sure how you can apply a different privileged account credential to the password record of the user whose password you want reset. I guess I'm not understanding the correct usage of the privileged account credential. I could modify the inbuilt script so that it doesn't use a privileged credential, but I figure it was written that way for a reason, and I would like to understand how it was intended to work. Could someone explain the correct/intended usage of the privileged account credential when it comes to resetting user passwords on Oracle? Sorry, I know my explanation was a little muddy. Please ask any clarifying questions necessary.
  7. Hello everyone, I'm wondering about the intended behavior of the "Validate Password for Oracle Account" script. The script requires that it receive a $ServiceName variable to connect to the database, but there doesn't seem to be any part of the password entry that allows it to receive this information. Is there a field I need to enable somewhere to get this to work? I could work around this issue by copying the inbuilt script for verifying oracle account passwords and hardcoding the service name, but I feel like I'm missing something. Thanks for any insight
  8. I think for our purposes we just need the [Password] and [UserName] variables. Maybe [PasswordList] as well, of possible.. Thanks!
  9. Hello all, It would be nice if it were possible to use variables in the subject line of the email templates. I would like to alter some of them so that our users can know at a glance which user took action against which object without having to open up the email and scan through it. Thanks!
×