Operating System - OpenVMS

Re: priviledge to reset password

Go to solution
Super Advisor

Re: priviledge to reset password

thanks Bob for being a big help
Honored Contributor

Re: priviledge to reset password

>Does anyone know if its possible to allow a user to change the password of a restricted group of users. I'm thinking that I wouldnt want the user to change the system account, but would want him to be able to change our standard users.

SMOP. Simple Matter of Programming.

Without doing a little work within your tool? No. But it's a database. So it's trivial to do this. Your reset mechanism can be (and should be) coded to do this.

The NEWUSER tool I linked to does exactly this, exempting specific users (and also dealing with random folks that might try to reset the passwords of others), so you'll see code and processing in there to avoid having out-of-range users reset, or rogue user password reset requests. (The reset implemented in that tool is self-service. No help desk required.)

If you're using external authentication via LDAP (via Open Directory or Active Directory LDAP servers or otherwise), you can likely perform an LDAP password reset on some other platform as there are tools for these tasks available, and avoid this whole matter. (I use a Mac for this web-based password change, as the security APIs and available tools are vastly more capable than those of VMS.)

I was unable to locate a registration and reset tool for that cluster, and ended up writing that NEWUSER code specifically because of the limits and omissions in VMS.