yahoo-eng-team team mailing list archive

[Paul Peereboom <1791111@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

It's impossible to reset your password in user level if
"change_password_upon_first_use" is set.

keystone.conf:
[security_compliance]
change_password_upon_first_use = True

For new users it's impossible to reset your password via keystone. You
can only reset the password via an admin, which created the user in the
first place. So now the change_password_upon_first_use is kinda useless.

(test2@test) [root@controller1 ~]# openstack user password set
The password is expired and needs to be changed for user: bd3cc251fe694b15be88c443aa752ec1. (HTTP 401) (Request-ID: req-cdc7ddaf-d2ec-49ac-9708-2693811eb819)

Desired situation: User can reset it's own password on first use.

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1791111

Title:
  allow change password upon first use as user

Status in OpenStack Identity (keystone):
  New

Bug description:
  It's impossible to reset your password in user level if
  "change_password_upon_first_use" is set.

  keystone.conf:
  [security_compliance]
  change_password_upon_first_use = True

  For new users it's impossible to reset your password via keystone. You
  can only reset the password via an admin, which created the user in
  the first place. So now the change_password_upon_first_use is kinda
  useless.

  (test2@test) [root@controller1 ~]# openstack user password set
  The password is expired and needs to be changed for user: bd3cc251fe694b15be88c443aa752ec1. (HTTP 401) (Request-ID: req-cdc7ddaf-d2ec-49ac-9708-2693811eb819)

  Desired situation: User can reset it's own password on first use.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1791111/+subscriptions