[rt-users] setting a password for a user

Alex Peters alex at peters.net
Fri Jan 16 19:16:48 EST 2015


When you say in your original message that you seem to be required to
change your own password in order to change someone else's, can you please
describe what is being shown to you in RT's interface at that point?

I'm still expecting that you're being shown three password entry boxes on
users' Modify pages when you're logged in.  One should be asking for your
password, and the other two should be asking for that user's new password.
What's being shown to you if that's incorrect?

On Sat, 17 Jan 2015 6:56 am Boris Epstein <borepstein at gmail.com> wrote:

> Alex,
>
> I finally resolved the issue by setting up the password for use root using
> this command:
>
> perl -I/opt/rt4/local/lib -I/opt/rt4/lib \
>     -MRT -MRT::User \
>     -e'RT::LoadConfig();RT::Init(); my $u =
> RT::User->new($RT::SystemUser); $u->Load("root"); $u->SetPassword("secret")'
>
> borrowed from here:
> http://requesttracker.wikia.com/wiki/RecoverRootPassword
>
> and then logging in as root. As soon as I did I saw the tabs for password
> entry and was able to set a password for the user in question.
>
> I guess the question still remains, what is the rational behind me being
> unable to do so just as a user with admin privileges.
>
> Thanks.
>
> Boris.
>
> On Fri, Jan 16, 2015 at 9:34 AM, Boris Epstein <borepstein at gmail.com>
> wrote:
>
>> Hi Alex,
>>
>> Thanks for the reply.
>>
>> We actually do import passwords from LDAP for users that are in LDAP. But
>> is it possible to also have users who are not in LDAP - and be able to
>> change their passwords? I am sorry, I must be missing something but I still
>> don't quite see the logic of the arrangement in place.
>>
>> Cheers,
>>
>> Boris.
>>
>>
>> On Thu, Jan 15, 2015 at 11:34 PM, Alex Peters <alex at peters.net> wrote:
>>
>>> The discussion thread you've linked to concerns LDAP, and doesn't seem
>>> relevant to your case.
>>>
>>> If you have the correct privileges (which you seem to), the Modify
>>> screen for another user will have three password boxes: the top one for you
>>> to confirm your password, and the bottom two to actually change the user's
>>> password.  I assume that the requirement to enter your own password at this
>>> stage is for added security, i.e. to prevent someone else using your
>>> logged-in account to gain access to other people's accounts.
>>>
>>> Does this resolve things?
>>>
>>> On 16 January 2015 at 14:27, Boris Epstein <borepstein at gmail.com> wrote:
>>>
>>>> Hello all,
>>>>
>>>> I am a user who has administrative privileges within my RT
>>>> installation. That is usually enough but now an situation has come up that
>>>> I need to alter an RT password for a user and it has turned out that I need
>>>> to do that but can't - at least not easily.
>>>>
>>>> Here is a discussion I found on the topic:
>>>>
>>>> http://www.gossamer-threads.com/lists/rt/users/99177
>>>>
>>>> So it looks like I need to either create/activate user "root" and
>>>> create a password for that user (not sure exactly how to do that) or I need
>>>> to change my own password - why should I?
>>>>
>>>> At any rate, any insight into what the logic is behind things being
>>>> this way would be very helpful. Same for practical advice on how to set
>>>> things up in such a way that admin users can modify other users' passwords
>>>> by default though the web GUI.
>>>>
>>>> Thanks in advance.
>>>>
>>>> Cheers,
>>>>
>>>> Boris.
>>>>
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20150117/31546312/attachment.html>


More information about the rt-users mailing list