debian-mirror-gitlab/doc/security/reset_user_password.md

127 lines
3.1 KiB
Markdown
Raw Normal View History

2019-09-04 21:01:54 +05:30
---
2021-02-22 17:27:13 +05:30
stage: Manage
2022-04-04 11:22:00 +05:30
group: Authentication and Authorization
2021-02-22 17:27:13 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
2019-09-04 21:01:54 +05:30
type: howto
---
2019-09-30 21:07:59 +05:30
2022-01-26 12:08:38 +05:30
# Reset a user's password **(FREE SELF)**
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
You can reset user passwords by using a Rake task, a Rails console, or the
[Users API](../api/users.md#user-modification).
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
## Prerequisites
To reset a user password, you must be an administrator of a self-managed GitLab instance.
## Use a Rake task
2021-03-11 19:13:27 +05:30
2021-04-29 21:17:54 +05:30
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52347) in GitLab 13.9.
2022-01-26 12:08:38 +05:30
Use the following Rake task to reset a user's password:
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
- **For Omnibus installations**
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
```shell
sudo gitlab-rake "gitlab:password:reset"
```
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
- **For installations from source**
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
```shell
bundle exec rake "gitlab:password:reset"
```
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
GitLab requests a username, a password, and confirmation of the password. When complete, the user's password is updated.
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
The Rake task can take a username as an argument. For example, to reset the password for the user with username
`sidneyjones`:
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
- **For Omnibus installations**
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
```shell
sudo gitlab-rake "gitlab:password:reset[sidneyjones]"
```
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
- **For installations from source**
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
```shell
bundle exec rake "gitlab:password:reset[sidneyjones]"
```
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
## Use a Rails console
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
If you know the username, user ID, or email address, you can use the Rails console to reset their password:
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
1. Open a [Rails console](../administration/operations/rails_console.md).
1. Find the user:
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
- By username:
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
```ruby
user = User.find_by_username 'exampleuser'
```
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
- By user ID:
2021-03-11 19:13:27 +05:30
2022-01-26 12:08:38 +05:30
```ruby
user = User.find(123)
```
2021-03-11 19:13:27 +05:30
2022-03-02 08:16:31 +05:30
- By email address:
2022-01-26 12:08:38 +05:30
```ruby
user = User.find_by(email: 'user@example.com')
```
2022-03-02 08:16:31 +05:30
2022-06-21 17:19:12 +05:30
1. Reset the password by setting a value for `user.password` and `user.password_confirmation`. For example, to set a new random
password:
2022-01-26 12:08:38 +05:30
```ruby
2022-06-21 17:19:12 +05:30
new_password = ::User.random_password
user.password = new_password
user.password_confirmation = new_password
2021-03-11 19:13:27 +05:30
```
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
1. Optional. Notify the user that an administrator changed their password:
```ruby
user.send_only_admin_changed_your_password_notification!
```
2021-03-11 19:13:27 +05:30
1. Save the changes:
```ruby
user.save!
```
2022-01-26 12:08:38 +05:30
1. Exit the console:
```ruby
exit
```
2019-09-04 21:01:54 +05:30
2022-01-26 12:08:38 +05:30
## Reset the root password
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
To reset the root password, follow the steps listed previously.
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
- If the root account name hasn't changed, use the username `root`.
- If the root account name has changed and you don't know the new username,
2022-03-02 08:16:31 +05:30
you might be able to use a Rails console with user ID `1`. In almost all
2022-01-26 12:08:38 +05:30
cases, the first user is the default administrator account.
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
## Troubleshooting
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
If the new password doesn't work, it might be [an email confirmation issue](../user/upgrade_email_bypass.md). You can
attempt to fix this issue in a Rails console. For example, if a new `root` password isn't working:
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
1. Start a [Rails console](../administration/operations/rails_console.md).
1. Find the user and skip reconfirmation:
2021-04-29 21:17:54 +05:30
```ruby
user = User.find(1)
user.skip_reconfirmation!
```
2022-01-26 12:08:38 +05:30
1. Attempt to sign in again.