Private Passwordlist + Folder Permissions lost after Name change

[Tibor]

Hello

 

We've a user that uses the Private Passwordlists.

 

Now she was married and changed her last name.

After the next AD-Sync she lost access to certain folders and aswell her own Passwordlist, which now shops up empty with the new Name.

 

I assume both things should be set on an User-ID and not just her name.

 

Any advice how we can get her Private Passwordlist back?

 

 

Thanks & Regards

Tibor

[support]

Hi Tibor,

 

If you go to the screen Administration -> User Accounts, do you see the old account name there? By default it should be there, unless you have enabled one of the AS Sync options on the screen Administration -> System Settings -> Active Directory Options tab?

 

If you do see it, then you can go to the screen Administration -> User Accounts, and click on the 'Clone User Permissions' button. Once you have cloned permissions from the old account to the new, you can delete the old account from the system.

If the old account has been deleted, unfrotunately this does mean the user's Private Password Lists have also been deleted. The only way to get them back is a database restore - which you can do into a test enviroment if you like.

Regards

Click Studios

[Tibor]

Hello

 

I've the attached AD-Sync settings set.

 

An Account with her old Name does not exist in Passwordstate.  Seems it was renamed properly. Also her EMail-Address changed with this.

 

Since the AD-Accout was not deleted, only renamed, i expect passwordstate to just rename the account without changing User-Permissions / delete private Passwords.

 

So far i see this as a major bug.

 

Cheers

Tibor

 

[support]

Hi Tibor,

 

If a user’s name in Active Directory were to change, there is a process we need to follow in Passwordstate because of the way we encrypt the UserID throughout many tables.  Passwordstate does not encrypt the user data based on the SID, so if the name changes, then Passwordstate will treat the new username as a new user into Passwordstate.  As you have set the system settings to delete the user if they are no longer found, then a combination of these two events have deleted the old user from Passwordstate, along with their Private Password Lists.

 

Process to recover:

 

You'll need to set up a test instance of Passwordstate in a new server, and restore a copy of the database from when this old username existed.  Please see these two documents to assist with this process: Database Restore and Setting up New Website Install

 

Now if you log into the test instance, you can convert the Private List over to a Shared List, and export the passwords from the user account.  You may need to contact Click Studios support directly for this, as this feature is locked down by default. You can export the Passwords from that List By running the "All Passwords Report" from the List Administrator Actions menu.

 

To pre3vent this from happening again, I'd recommend changing your system settings to "Do Nothing" when a user account is no longer found.  This way it will not delete the old user out of the system, and you wil be able to clone the permissions from the old account to the new account easily,  instead of setting up a test system.

 

Regards,

Support.