Rake tasks are scripts that allow you to retrieve, delete or update information on your Faspex server using the command line. This article describes a custom rake task available to force the expiration of user account passwords.
You can set Faspex user account passwords to expire after a certain period of time, at which point users will need to choose a new one. With a rake task you can set password expirations for either individual user accounts or all user accounts on Faspex.
The syntax is the following:
asctl faspex:rake custom:force_password_expiration -- [options]
|short form||long form||description|
|-uusername||--user_name=username||account to set expiration on|
|-ddays||--day=days||days until password expiration (default: 90)|
|-a||--all||force password expiration on all Faspex users|
|-h||--help||print out help information for this rake task|
The default password expiration time is 90 days, but this can be changed with the -d option. The -a option sets the password expiration for all Faspex users (not SAML and directory users).
To set a password expiration time of 20 days on the user janedoe, you would use the following:
asctl faspex:rake custom:force_password_expiration -- --user_name=janedoe -d20
To set a password expiration time of 30 days on all Faspex users, you would use the following:
asctl faspex:rake custom:force_password_expiration -- -d30 -a
Below is an example of what the output could look like:
Forcing password expiration time for janedoe - firstname.lastname@example.org, interval 20