Univention Bugzilla – Bug 46012
"change password on next login" is ignored when password has been reset administratively
Last modified: 2018-07-04 18:07:56 CEST
The flag 'change password on next login' is ignored when a password has been reset by a teacher or admin. The user (student) is not prompted to change his/her password but should.
Patch available in branch fbest/46012-pwdChangeOnNextLogin. diff --git a/ucs-school-umc-users/umc/python/schoolusers/__init__.py b/ucs-school-umc-users/umc/python/schoolusers/__init__.py index 70306be..88c503b 100644 --- a/ucs-school-umc-users/umc/python/schoolusers/__init__.py +++ b/ucs-school-umc-users/umc/python/schoolusers/__init__.py @@ -94,6 +94,8 @@ class Instance(SchoolBaseModule): » » » user['password'] = newPassword » » » user['overridePWHistory'] = '1' » » » user['locked'] = 'none' +» » » user.modify() +» » » user = User.from_dn(userdn, None, ldap_user_write).get_udm_object(ldap_user_write) » » » user['pwdChangeNextLogin'] = '1' if pwdChangeNextLogin else '0' » » » user.modify() » » » self.finished(request.id, True)
I am sorry, this is a regression by myself in Bug #45468 / 28ec77ef04fb6667a30bd7ddccce93115675c4f3.
(In reply to Nico Stöckigt from comment #0) > The flag 'change password on next login' is ignored when a password has been > reset by a teacher or admin. The user (student) is not prompted to change > his/her password but should. To be more precise: The UDM flag pwdChangeNextLogin toggles on each password reset if the checkbox "Benutzer muss das Passwort bei der nächsten Anmeldung ändern" is always checked. So on the first pasword reset, the flag is activated. On the second reset, the flag is removed erroneously. On the third reset, the flag is activated again. Removed on the fourth reset. And so on...
(In reply to Sönke Schwardt-Krummrich from comment #3) > To be more precise: > The UDM flag pwdChangeNextLogin toggles on each password reset if the > checkbox "Benutzer muss das Passwort bei der nächsten Anmeldung ändern" is > always checked. This seems to be originally an UDM bug: https://forge.univention.org/bugzilla/show_bug.cgi?id=46067 But yes, the suggested patch fixes this issue for UCS@school. Fixed for UCS@school 4.3 and 4.2 ucs-school-umc-users.yaml e4fafc12dea8 | Bug #46012: Merge branch 'sschwardt/46012/42/pwdChangeNextLogin_toggles' into 4.2 a05fa99a74a5 | Bug #46012: add advisory ucs-school-umc-users (13.0.0-7) e4fafc12dea8 | Bug #46012: Merge branch 'sschwardt/46012/42/pwdChangeNextLogin_toggles' into 4.2 8a7316b2461f | Bug #46012: add changelog entry ucs-school-umc-users (13.0.0-6) 4ee688504ee7 | Bug #46012: reinserting workaround for bug #46067 Package: ucs-school-umc-users Version: 13.0.0-7A~4.2.0.201801171636 Branch: ucs_4.2-0 Scope: ucs-school-4.2 User: sschwardt ucs-school-umc-users.yaml 769c170e6697 | Bug #46012: Merge branch 'sschwardt/46012/43/pwdChangeNextLogin_toggles' into 4.3 b4d840a33bb9 | Bug #46012: add advisory ucs-school-umc-users (14.0.0-1) 19285f6080ce | Bug #46012: reinserting workaround for bug #46067 ucs-school-umc-users (14.0.0-2) 769c170e6697 | Bug #46012: Merge branch 'sschwardt/46012/43/pwdChangeNextLogin_toggles' into 4.3 d1921aa48ed2 | Bug #46012: add changelog entry Package: ucs-school-umc-users Version: 14.0.0-2A~4.3.0.201801171643 Branch: ucs_4.3-0 Scope: ucs-school-4.3 Waiting for Jenkins test result.
Created attachment 9416 [details] Hotfix als Patch Hotfix: patch -b -d /usr/share/pyshared/univention/management/console/modules/schoolusers/ < bug46012.patch
Fixed for 4.3, but the bug is still present in 4.2. Tested with version 13.0.1-3A~4.2.0.201805090908
I installed the current packages on a fresh system and the bug is still fixed. I opened the module "Passwörter (Schüler)" and selected a user and gave him/her a new password while the checkbox "Benutzer muss das Passwort bei der nächsten Anmeldung ändern" is activated. Next I select the same user and reset the password again with activated checkbox. If the original error occurs, the column "Passwortablaufdatum" shows only "-". If the bug is fixed, a date should be shown (even on the third/fourth/... reset). Can you tell me, how you reproduced the original bug? If the problem is reproducible, please get in touch with me. → FIXED
I tested it again with ucs-school-umc-users 13.0.1-3A~4.2.0.201805090908 and could not reproduce it anymore for 4.2
UCS@school 4.2 v10 has been released. https://docs.software-univention.de/changelog-ucsschool-4.2v10-de.html If this error occurs again, please clone this bug.