How to Transfer Users with active password policy











up vote
2
down vote

favorite












I want to transfer users from our QA environment to the PROD environment on Sitecore.NET 8.2 (rev. 170728).



It is totally fine if the users are deactivated and have a random password set. Unfortunately it seems like I cannot import any user since the default or empty password does not meet the password policy requirements. How can I import the users?



I do have access to the serialization files, so I can edit them if that helps. On other environments, I temporarily changed the config, but I cannot do that on PROD.






security user-management serialization







share|improve this question


















  • 1




    Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
    – Marek Musielak
    2 days ago










  • Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
    – Markus
    2 days ago






  • 2




    kb.sitecore.net/articles/242631 did you try this solution ?
    – Vlad Iobagiu
    2 days ago










  • I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
    – Markus
    2 days ago















up vote
2
down vote

favorite












I want to transfer users from our QA environment to the PROD environment on Sitecore.NET 8.2 (rev. 170728).



It is totally fine if the users are deactivated and have a random password set. Unfortunately it seems like I cannot import any user since the default or empty password does not meet the password policy requirements. How can I import the users?



I do have access to the serialization files, so I can edit them if that helps. On other environments, I temporarily changed the config, but I cannot do that on PROD.






security user-management serialization







share|improve this question


















  • 1




    Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
    – Marek Musielak
    2 days ago










  • Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
    – Markus
    2 days ago






  • 2




    kb.sitecore.net/articles/242631 did you try this solution ?
    – Vlad Iobagiu
    2 days ago










  • I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
    – Markus
    2 days ago













up vote
2
down vote

favorite









up vote
2
down vote

favorite











I want to transfer users from our QA environment to the PROD environment on Sitecore.NET 8.2 (rev. 170728).



It is totally fine if the users are deactivated and have a random password set. Unfortunately it seems like I cannot import any user since the default or empty password does not meet the password policy requirements. How can I import the users?



I do have access to the serialization files, so I can edit them if that helps. On other environments, I temporarily changed the config, but I cannot do that on PROD.






security user-management serialization







share|improve this question













I want to transfer users from our QA environment to the PROD environment on Sitecore.NET 8.2 (rev. 170728).



It is totally fine if the users are deactivated and have a random password set. Unfortunately it seems like I cannot import any user since the default or empty password does not meet the password policy requirements. How can I import the users?



I do have access to the serialization files, so I can edit them if that helps. On other environments, I temporarily changed the config, but I cannot do that on PROD.






security user-management serialization




security user-management serialization






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked 2 days ago









Markus

23928




23928








  • 1




    Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
    – Marek Musielak
    2 days ago










  • Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
    – Markus
    2 days ago






  • 2




    kb.sitecore.net/articles/242631 did you try this solution ?
    – Vlad Iobagiu
    2 days ago










  • I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
    – Markus
    2 days ago














  • 1




    Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
    – Marek Musielak
    2 days ago










  • Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
    – Markus
    2 days ago






  • 2




    kb.sitecore.net/articles/242631 did you try this solution ?
    – Vlad Iobagiu
    2 days ago










  • I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
    – Markus
    2 days ago








1




1




Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
– Marek Musielak
2 days ago




Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
– Marek Musielak
2 days ago












Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
– Markus
2 days ago




Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
– Markus
2 days ago




2




2




kb.sitecore.net/articles/242631 did you try this solution ?
– Vlad Iobagiu
2 days ago




kb.sitecore.net/articles/242631 did you try this solution ?
– Vlad Iobagiu
2 days ago












I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
– Markus
2 days ago




I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
– Markus
2 days ago










3 Answers
3






active

oldest

votes

















up vote
2
down vote



accepted










There is a config settings you can use called SerializationPassword.



Just use a config patch file with





<settings>

    <setting name="SerializationPassword" value="Secret!@#" />

</settings>


and deserialize your serialized users after.



Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



You can deserialize you users in PROD and then change they passwords to whatever you want manually.






share|improve this answer



















  • 1




    That sounds exactly like what I need! I will let you know if it worked.
    – Markus
    2 days ago










  • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
    – Markus
    2 days ago












  • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
    – Marek Musielak
    2 days ago


















up vote
0
down vote













Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




  1. Open Microsoft SQL Server Management Studio

  2. Connect to SQL server with Sitecore Core QA database

  3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

  4. Select all tables, where name starts with "aspnet_" on first page of wizard

  5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

  6. Generate script

  7. Backup Sitecore Core Production Database

  8. Run script generated from Core QA database on Core Production database






share|improve this answer





















  • I know that I can transfer users on a DB level, but that is not what I want to do.
    – Markus
    2 days ago


















up vote
0
down vote













One addition to Mareks answer:



Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



MinimumCharacters = 6;

MaximumCharacters = 8;

ConsecutiveCharacters = false;

RepeatCharacters = true;

ExcludeSymbols = true;


So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.






share|improve this answer





















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "664"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














     

    draft saved


    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsitecore.stackexchange.com%2fquestions%2f15060%2fhow-to-transfer-users-with-active-password-policy%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    2
    down vote



    accepted










    There is a config settings you can use called SerializationPassword.



    Just use a config patch file with





    <settings>
    
    <setting name="SerializationPassword" value="Secret!@#" />
    
</settings>


    and deserialize your serialized users after.



    Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



    You can deserialize you users in PROD and then change they passwords to whatever you want manually.






    share|improve this answer



















    • 1




      That sounds exactly like what I need! I will let you know if it worked.
      – Markus
      2 days ago










    • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
      – Markus
      2 days ago












    • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
      – Marek Musielak
      2 days ago















    up vote
    2
    down vote



    accepted










    There is a config settings you can use called SerializationPassword.



    Just use a config patch file with





    <settings>
    
    <setting name="SerializationPassword" value="Secret!@#" />
    
</settings>


    and deserialize your serialized users after.



    Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



    You can deserialize you users in PROD and then change they passwords to whatever you want manually.






    share|improve this answer



















    • 1




      That sounds exactly like what I need! I will let you know if it worked.
      – Markus
      2 days ago










    • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
      – Markus
      2 days ago












    • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
      – Marek Musielak
      2 days ago













    up vote
    2
    down vote



    accepted







    up vote
    2
    down vote



    accepted






    There is a config settings you can use called SerializationPassword.



    Just use a config patch file with





    <settings>
    
    <setting name="SerializationPassword" value="Secret!@#" />
    
</settings>


    and deserialize your serialized users after.



    Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



    You can deserialize you users in PROD and then change they passwords to whatever you want manually.






    share|improve this answer














    There is a config settings you can use called SerializationPassword.



    Just use a config patch file with





    <settings>
    
    <setting name="SerializationPassword" value="Secret!@#" />
    
</settings>


    and deserialize your serialized users after.



    Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



    You can deserialize you users in PROD and then change they passwords to whatever you want manually.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited 2 days ago

























    answered 2 days ago









    Marek Musielak

    9,22811034




    9,22811034








    • 1




      That sounds exactly like what I need! I will let you know if it worked.
      – Markus
      2 days ago










    • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
      – Markus
      2 days ago












    • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
      – Marek Musielak
      2 days ago














    • 1




      That sounds exactly like what I need! I will let you know if it worked.
      – Markus
      2 days ago










    • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
      – Markus
      2 days ago












    • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
      – Marek Musielak
      2 days ago








    1




    1




    That sounds exactly like what I need! I will let you know if it worked.
    – Markus
    2 days ago




    That sounds exactly like what I need! I will let you know if it worked.
    – Markus
    2 days ago












    It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
    – Markus
    2 days ago






    It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
    – Markus
    2 days ago














    Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
    – Marek Musielak
    2 days ago




    Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
    – Marek Musielak
    2 days ago










    up vote
    0
    down vote













    Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




    1. Open Microsoft SQL Server Management Studio

    2. Connect to SQL server with Sitecore Core QA database

    3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

    4. Select all tables, where name starts with "aspnet_" on first page of wizard

    5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

    6. Generate script

    7. Backup Sitecore Core Production Database

    8. Run script generated from Core QA database on Core Production database






    share|improve this answer





















    • I know that I can transfer users on a DB level, but that is not what I want to do.
      – Markus
      2 days ago















    up vote
    0
    down vote













    Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




    1. Open Microsoft SQL Server Management Studio

    2. Connect to SQL server with Sitecore Core QA database

    3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

    4. Select all tables, where name starts with "aspnet_" on first page of wizard

    5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

    6. Generate script

    7. Backup Sitecore Core Production Database

    8. Run script generated from Core QA database on Core Production database






    share|improve this answer





















    • I know that I can transfer users on a DB level, but that is not what I want to do.
      – Markus
      2 days ago













    up vote
    0
    down vote










    up vote
    0
    down vote









    Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




    1. Open Microsoft SQL Server Management Studio

    2. Connect to SQL server with Sitecore Core QA database

    3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

    4. Select all tables, where name starts with "aspnet_" on first page of wizard

    5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

    6. Generate script

    7. Backup Sitecore Core Production Database

    8. Run script generated from Core QA database on Core Production database






    share|improve this answer












    Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




    1. Open Microsoft SQL Server Management Studio

    2. Connect to SQL server with Sitecore Core QA database

    3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

    4. Select all tables, where name starts with "aspnet_" on first page of wizard

    5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

    6. Generate script

    7. Backup Sitecore Core Production Database

    8. Run script generated from Core QA database on Core Production database







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered 2 days ago









    Anton

    1,511213




    1,511213












    • I know that I can transfer users on a DB level, but that is not what I want to do.
      – Markus
      2 days ago


















    • I know that I can transfer users on a DB level, but that is not what I want to do.
      – Markus
      2 days ago
















    I know that I can transfer users on a DB level, but that is not what I want to do.
    – Markus
    2 days ago




    I know that I can transfer users on a DB level, but that is not what I want to do.
    – Markus
    2 days ago










    up vote
    0
    down vote













    One addition to Mareks answer:



    Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



    MinimumCharacters = 6;
    
MaximumCharacters = 8;
    
ConsecutiveCharacters = false;
    
RepeatCharacters = true;
    
ExcludeSymbols = true;


    So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.






    share|improve this answer

























      up vote
      0
      down vote













      One addition to Mareks answer:



      Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



      MinimumCharacters = 6;
      
MaximumCharacters = 8;
      
ConsecutiveCharacters = false;
      
RepeatCharacters = true;
      
ExcludeSymbols = true;


      So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.






      share|improve this answer























        up vote
        0
        down vote










        up vote
        0
        down vote









        One addition to Mareks answer:



        Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



        MinimumCharacters = 6;
        
MaximumCharacters = 8;
        
ConsecutiveCharacters = false;
        
RepeatCharacters = true;
        
ExcludeSymbols = true;


        So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.






        share|improve this answer












        One addition to Mareks answer:



        Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



        MinimumCharacters = 6;
        
MaximumCharacters = 8;
        
ConsecutiveCharacters = false;
        
RepeatCharacters = true;
        
ExcludeSymbols = true;


        So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered yesterday









        Markus

        23928




        23928






























             

            draft saved


            draft discarded



















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsitecore.stackexchange.com%2fquestions%2f15060%2fhow-to-transfer-users-with-active-password-policy%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Quarter-circle Tiles

            Image
            up vote 0 down vote favorite I have $99$ identical square tiles, each with a quarter-circle drawn on it like this: [asy] size(1.5cm); draw(Arc((2,0),1,90,180),red+1); draw((0,0)--(2,0)--(2,2)--(0,2)--(0,0)); [/asy] When I arrange the tiles in a $9times 11$ rectangular grid, each with a random orientation, what is the expected value of the number of full circles I form? I think this problem has to do with finding the chance any given 2x2 square has a circle, but I can't find it. expected-value share | cite | improve this question asked Nov 20 at 15:03 6minecraftninja 1 2
            Read more

            build a pushdown automaton that recognizes the reverse language of a given pushdown automaton?

            Image
            0 I think it's similiar to NFAs. I replace the finite states of the given automaton for start-states for my new automaton. I do it with $epsilon$ -transition from the start state to the actual finite states of the given automaton. The start state of the given automaton will be my accepting(finite) state of my new one. All transitions will be reversed of course to recognize the reversed word. But how do I have to change the stack of the pushdown automaton? That's tricky. formal-languages automata context-free-grammar share | cite | improve this question edited Nov 29 '18 at 14:20 joee
            Read more

            Mont Emei

            Image
            Mont Emei.mw-parser-output .entete.map{background-image:url("//upload.wikimedia.org/wikipedia/commons/7/7a/Picto_infobox_map.png")} Vue du sommet Wanfo du mont Emei Géographie Altitude 3 099  m , Wanfo Coordonnées 29° 31′ 11″ nord, 103° 19′ 57″ est Administration Pays   Chine Province Sichuan Ville-préfecture Leshan Géolocalisation sur la carte : Sichuan Mont Emei Géolocalisation sur la carte : Chine Mont Emei modifier   Paysage panoramique du mont Emei, incluant le paysage panoramique du grand Bouddha de Leshan *   Patrimoine mondial de l'UNESCO Passerelle en bois sur le versant ouest Pays   Chine Subdivision Sichuan Type Mixte Critères (iv) (vi) (x) Superficie 15 400 ha Numéro d’identification 779 Zone géographique Asie et Pacifique  ** Année d’inscription 1996 (20 e session) * Descriptif officiel UNESCO ** Classification géog
            Read more