zato sso reset-user-password


Changes a user's password to an automatically generated one which is printed to stdout. The user must already exist.

Use zato sso change-user-password if you would like to control what password will be set for user.

The auto-generated password is 192-bit strong. Data comes from a strong cryptographic source using Python's os.urandom function.

The password is printed to stdout once only and it is not possible to retrieve it afterwards.

Optionally, sets a non-default expiry for password or a flag to force the user to change the password on next login.

The absence of --must-change means that its existing value will not be changed - for instance, if the flag is already true in the database and it was not given on input, it will continue to be true.

Usage example

$ zato sso reset-user-password ~/env/qs-ps2/server1/ user1
Password for user `user1` reset to `<password>`