Solved

Is it possible to set up a password rotation policy

  • 7 February 2024
  • 2 replies
  • 30 views

Userlevel 2
Badge +3

So I was wondering.  Is it possible in LM to set up a policy that forces our users to reset their passwords every 90 days.  I don’t see any options to do so in LM and I wasn’t sure if anyone out there has done so through some clever scripting.  I set up something similar in ServiceNow where a scheduled script ran every day and forced a user reset if the password was over so many days old.  Thanks for your help

icon

Best answer by Mike Aracic 8 February 2024, 00:59

View original

2 replies

Userlevel 7
Badge +20

a scheduled script ran every day and forced a user reset if the password was over so many days old

That’s what I’d do, but I haven’t done it yet. SSO ftw, say goodbye to managing user accounts.

Userlevel 3
Badge +6

It should certainly be possible to do so, using the REST API through the SDK

  • You would programmatically make an authenticated GET Request against the /setting/admins/ endpoint (All encapsulated within the SDK) to get the list of the admins using the SDK’s get_admin_list method
  • Iterate through the list, using whatever logic you wish to determine which accounts would be set to force a password change (I don’t think we expose the age of the password; I suppose you could just do them all every 90 days)
  • Then Programmatically create a PATCH request through the sdk against the /settings/admins/{id} endpoint using the SDK’s patch_admin_by_id method to update the force_password_change field for the appropriate accounts.

If you’d rather not use the SDK, the REST API swagger docs are here, but the process will be the same.

Reply