debian-mirror-gitlab/doc/security/reset_user_password.md

160 lines
4.2 KiB
Markdown
Raw Normal View History

2019-09-04 21:01:54 +05:30
---
2021-02-22 17:27:13 +05:30
stage: Manage
2022-04-04 11:22:00 +05:30
group: Authentication and Authorization
2022-11-25 23:54:43 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
2019-09-04 21:01:54 +05:30
type: howto
---
2019-09-30 21:07:59 +05:30
2022-01-26 12:08:38 +05:30
# Reset a user's password **(FREE SELF)**
2015-09-11 14:41:01 +05:30
2023-03-04 22:38:38 +05:30
You can reset user passwords by using the UI, a Rake task, a Rails console, or the
2022-01-26 12:08:38 +05:30
[Users API](../api/users.md#user-modification).
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
## Prerequisites
To reset a user password, you must be an administrator of a self-managed GitLab instance.
2022-11-25 23:54:43 +05:30
The user's new password must meet all [password requirements](../user/profile/user_passwords.md#password-requirements).
2023-03-04 22:38:38 +05:30
## Use the UI
To reset a user's password in the UI:
1. On the top bar, select **Main menu > Admin**.
1. On the left sidebar, select **Overview > Users**.
1. For the user whose password you want to update, select **Edit** (**{pencil-square}**).
1. In the **Password** area, type a password and password confirmation.
1. Select **Save changes**.
A confirmation is displayed.
2022-01-26 12:08:38 +05:30
## Use a Rake task
2021-03-11 19:13:27 +05:30
2021-04-29 21:17:54 +05:30
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52347) in GitLab 13.9.
2022-01-26 12:08:38 +05:30
Use the following Rake task to reset a user's password:
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
- **For Omnibus installations**
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
```shell
sudo gitlab-rake "gitlab:password:reset"
```
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
- **For installations from source**
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
```shell
bundle exec rake "gitlab:password:reset"
```
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
GitLab requests a username, a password, and confirmation of the password. When complete, the user's password is updated.
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
The Rake task can take a username as an argument. For example, to reset the password for the user with username
`sidneyjones`:
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
- **For Omnibus installations**
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
```shell
sudo gitlab-rake "gitlab:password:reset[sidneyjones]"
```
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
- **For installations from source**
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
```shell
bundle exec rake "gitlab:password:reset[sidneyjones]"
```
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
## Use a Rails console
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
If you know the username, user ID, or email address, you can use the Rails console to reset their password:
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
1. Open a [Rails console](../administration/operations/rails_console.md).
1. Find the user:
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
- By username:
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
```ruby
user = User.find_by_username 'exampleuser'
```
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
- By user ID:
2021-03-11 19:13:27 +05:30
2022-01-26 12:08:38 +05:30
```ruby
user = User.find(123)
```
2021-03-11 19:13:27 +05:30
2022-03-02 08:16:31 +05:30
- By email address:
2022-01-26 12:08:38 +05:30
```ruby
user = User.find_by(email: 'user@example.com')
```
2022-03-02 08:16:31 +05:30
2022-06-21 17:19:12 +05:30
1. Reset the password by setting a value for `user.password` and `user.password_confirmation`. For example, to set a new random
password:
2022-01-26 12:08:38 +05:30
```ruby
2022-06-21 17:19:12 +05:30
new_password = ::User.random_password
user.password = new_password
user.password_confirmation = new_password
2022-08-27 11:52:29 +05:30
```
2023-05-27 22:25:52 +05:30
2022-08-27 11:52:29 +05:30
To set a specific value for the new password:
```ruby
new_password = 'examplepassword'
user.password = new_password
user.password_confirmation = new_password
```
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
1. Optional. Notify the user that an administrator changed their password:
```ruby
user.send_only_admin_changed_your_password_notification!
```
2021-03-11 19:13:27 +05:30
1. Save the changes:
2023-05-27 22:25:52 +05:30
```ruby
user.save!
```
2021-03-11 19:13:27 +05:30
2022-01-26 12:08:38 +05:30
1. Exit the console:
```ruby
exit
```
2019-09-04 21:01:54 +05:30
2022-01-26 12:08:38 +05:30
## Reset the root password
2020-11-24 15:15:51 +05:30
2022-01-26 12:08:38 +05:30
To reset the root password, follow the steps listed previously.
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
- If the root account name hasn't changed, use the username `root`.
- If the root account name has changed and you don't know the new username,
2022-03-02 08:16:31 +05:30
you might be able to use a Rails console with user ID `1`. In almost all
2022-01-26 12:08:38 +05:30
cases, the first user is the default administrator account.
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
## Troubleshooting
2021-04-29 21:17:54 +05:30
2022-11-25 23:54:43 +05:30
Use the following information to troubleshoot issues when resetting a
user's password.
### Email confirmation issues
2022-01-26 12:08:38 +05:30
If the new password doesn't work, it might be [an email confirmation issue](../user/upgrade_email_bypass.md). You can
attempt to fix this issue in a Rails console. For example, if a new `root` password isn't working:
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
1. Start a [Rails console](../administration/operations/rails_console.md).
1. Find the user and skip reconfirmation:
2021-04-29 21:17:54 +05:30
2023-05-27 22:25:52 +05:30
```ruby
user = User.find(1)
user.skip_reconfirmation!
```
2021-04-29 21:17:54 +05:30
2022-01-26 12:08:38 +05:30
1. Attempt to sign in again.
2022-11-25 23:54:43 +05:30
### Unmet password requirements
The password might be too short, too weak, or not meet complexity
requirements. Ensure the password you are attempting to set meets all
[password requirements](../user/profile/user_passwords.md#password-requirements).