Univention Bugzilla – Bug 40711
activate_groupmembers should not use special characters in password
Last modified: 2016-10-04 13:24:52 CEST
Currently, /usr/share/ucs-school-import/scripts/activate_groupmembers generates an 8 character long password and uses special characters. Those special characters tend to be hard to type for some end users and easily cause problems when importing the CSV file in a spreadsheet software (e.g. leading '=' or '"'). For a better usability we should exclude special characters in these passwords. Maybe the character limit should then be raised to e.g. 12?
Created attachment 7486 [details] patch proposal
* Unified password generation code from ucs-school-lib and ucs-school-import. * The length is taken from a password policy, if one exists, or is the default 8. * New passwords are now guaranteed to be created from different character classes (lowercase, uppercase, digits, special chars). * New passwords for activated group members now use a subset of special characters that are less difficult to type: -+.,; ucs-school-lib: r70826 ucs-school-import: r70827 Advisory: r70828
(In reply to Daniel Tröder from comment #2) > * Unified password generation code from ucs-school-lib and ucs-school-import. → OK > * The length is taken from a password policy, if one exists, or is the > default 8. → Hmmm... see Bug 42012: the policy code was broken before, so I created a new bug > * New passwords are now guaranteed to be created from different character > classes (lowercase, uppercase, digits, special chars). ...if the password length is at least 4 characters. > * New passwords for activated group members now use a subset of special > characters that are less difficult to type: -+.,; Yes. I don't think that "," is easily distinguishable from "." but I think this is ok for now. > ucs-school-lib: r70826 > ucs-school-import: r70827 > Advisory: r70828 I removed "\" from special characters. ucs-school-lib (9.0.21-2): r71648 | Bug #40711: removed "\" from list of create_passwd's special characters ucs-school-lib.yaml: r71658 | Bug #40711: updated advisory
UCS@school 4.1 R2 v5 has been released. http://docs.software-univention.de/changelog-ucsschool-4.1R2v5-de.html If this error occurs again, please clone this bug.