Changes a user's password to a selected one. Use zato sso reset-user-password to have Zato auto-generate a strong password for user and print it to stdout.
The user must already exist. Optionally, sets a non-default expiry for password or a flag to force the user to change the password on next login.
Password must be valid per input server's configuration.
The absence of --must-change means that its existing value will not be changed - for instance, if the flag is already true in the database and it was not given on input, it will continue to be true.