This repository has been archived by the owner on Jun 2, 2023. It is now read-only.

Restricted groups #684

Open
gleb-lazis opened this issue Feb 16, 2023 · 0 comments

@gleb-lazis
PassCore Server

  • OS: Debian 11 Docker
  • Provider: [Active Directory | LDAP]
  • Settings file (without sensitive information):
  • Log file (without sensitive information):
    .

Hello!
Change how to handle groups, but in the new version verification is skipped, administrators can change the password. `"UseAutomaticContext": false` doesn't work. Password changes from current user.

appsettings.json:

```json
{
  "Logging": {
    "IncludeScopes": false,
    "LogLevel": {
      "Default": "Debug",
      "System": "Information",
      "Microsoft": "Information"
    }
  },
  "WebSettings": {
    "EnableHttpsRedirect": true
  },
  "AppSettings": {
    "UseAutomaticContext": false,
    "RestrictedADGroups": [
      "IT-SuperAdmin",
      "IT-Adminl"
    ],
    "AllowedADGroups": [
      "Allow"
    ],
    "IdTypeForUser": "SAM",
    "UpdateLastPassword": true,
    "LdapSearchBase": "OU=Users, OU=DC, DC=domain, DC=local",
    "LdapSecureSocketLayer": true,
    "LdapStartTls": false,
    "LdapChangePasswordWithDelAdd": true,
    "LdapSearchFilter": "(sAMAccountName={Username})",
    "LdapHostnames": [
      "dc1.domain.local",
      "dc2.domain.local"
    ],
    "LdapPort": 636,
    "LdapUsername": "user@domain.local",
    "LdapPassword": "xxxxxxxx",
    "DefaultDomain": [
      "domain.local"
    ]
  },
  "ClientSettings": {
    "ValidationRegex": {
      "EmailRegex": "^[a-zA-Z0-9.!#$%& ^^y*+/=?^_{|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)*$",
      "UsernameRegex": "^[a-zA-Z0-9._-]{3,20}$"
    },
    "UsePasswordGeneration": false,
    "MinimumDistance": 0,
    "PasswordEntropy": 16,
    "ShowPasswordMeter": true,
    "MinimumScore": 0,
    "Recaptcha": {
      "SiteKey": "",
      "PrivateKey": "",
      "LanguageCode": "en"
    },
    "UseEmail": "false",
    "ApplicationTitle": "Change Account Password | Self-Service Account Management Tools",
    "ChangePasswordTitle": "Change Account Password",
    "ChangePasswordForm": {
      "HelpText": "If you are having trouble with this tool, please contact IT Support",
      "UsernameLabel": "Username",
      "UsernameHelpblock": "Your organization's email address",
      "UsernameDefaultDomainHelperBlock": "Your organization's username",
      "CurrentPasswordLabel": "Current Password",
      "CurrentPasswordHelpblock": "Enter your current password",
      "NewPasswordLabel": "New Password",
      "NewPasswordVerifyLabel": "Re-enter New Password",
      "NewPasswordVerifyHelpblock": "Enter your new password again",
      "ChangePasswordButtonLabel": "Change Password"
    },
    "ErrorsPasswordForm": {
      "FieldRequired": "This field is required",
      "UsernamePattern": "Please enter a valid username",
      "UsernameEmailPattern": "Please enter a valid email address",
      "PasswordMatch": "Passwords do not match"
    },
    "Alerts": {
      "SuccessAlertTitle": "You have changed your password successfully.",
      "SuccessAlertBody": "Please note it may take a few hours for your new password to reach all domain controllers.",
      "ErrorPasswordChangeNotAllowed": "You are not allowed to change your password. Please contact your system administrator.",
      "ErrorInvalidCredentials": "You need to provide the correct current password.",
      "ErrorInvalidDomain": "You have supplied an invalid domain to logon to.",
      "ErrorInvalidUser": "We could not find your user account.",
      "ErrorCaptcha": "Could not verify you are not a robot.",
      "ErrorFieldRequired": "Fulfill all the fields.",
      "ErrorFieldMismatch": "The passwords do not match.",
      "ErrorComplexPassword": "Failed due to password complex policies: New password length is shorter than AD minimum password length",
      "ErrorConnectionLdap": "Unhandled error connecting to the LDAP server.",
      "ErrorScorePassword": "The password you are trying to set is not secure enough.",
      "ErrorDistancePassword": "The password you are trying to set is not diferent enough of your last password.",
      "ErrorPwnedPassword": "The password you are trying to use is publicly known and can be used in dictionary attacks."
    }
  }
}
```

Help me please
