Changing Appliance Administrator Passwords Programmatically
Imprivata appliance Super Administrator and Administrator passwords can be changed programmatically via a command-line interface (CLI) or script. The Imprivata Appliance Console exposes a web page that allows the Imprivata appliance to interact with an external system (such as a privileged password management solution) via HTTP GET/POST commands. The password change, if successful, takes effect immediately but does not affect administrators who are already logged into the Imprivata Appliance Console.
The external system must provide the following parameters:
-
user— Current Super Administrator or Administrator username -
opwd— Current Super Administrator or Administrator password -
pwd— New Super Administrator or Administrator password -
pwd_repeat— New Super Administrator or Administrator password repeated
The Imprivata Appliance Console web page URL is: https://<Imprivata appliance IP address>:81/systemAdmin/resetpwdbatch_handler.php
NOTE: The following conditions must be met before changing the Super Administrator password programmatically:
-
All appliances must be online.
-
The enterprise cannot be locked, such as during an upgrade.
Responses and Definitions
The response string returned by the Imprivata Appliance Console web page always begins with either Success or Failed. If Failed, there will be additional information after the ":", e.g., Failed:Access Denied. The following table lists and describes the possible responses that can be returned.
| Response | Description |
|---|---|
| Success | The request succeeded. |
| Failed:Access Denied |
The current username and password could not be authenticated. |
| Failed:Could not reach following nodes in enterprise:<list of nodes> |
All appliances are not available. The request did not succeed. |
| Failed:Enterprise lock failed |
The enterprise is locked. The request did not succeed. |
|
Failed:New Passwords do not match |
The new passwords and the repeated new password are not the same. |
Sample cURL Requests and Responses
The following are sample cURL requests and responses. The text in red is not returned.
curl -k -F "user=admi1" -F "opwd=admin" -F "pwd=newpwd" -F "pwd_repeat=newpwd"
'https://<Imprivata appliance IP address>:81/systemAdmin/resetpwdbatch_handler.php'Failed:Access Denied
Invalid user name
curl -k -F "user=admin" -F "opwd=admin" -F "pwd=newpwd" -F "pwd_repeat=newpwd"
'https://<Imprivata appliance IP address>:81/systemAdmin/resetpwdbatch_handler.php'Failed:Access Denied
Incorrect current password
curl -k -F "user=admin" -F "opwd=oldpwd" -F "pwd=newpwd" -F "pwd_repeat=newpwd" 'https://<Imprivata appliance IP address>:81/systemAdmin/resetpwdbatch_handler.php'
Success
curl -k -F "user=superadmin" -F "opwd=super" -F "pwd=super" -F "pwd_repeat=super" 'https://<Imprivata appliance IP address>:81/systemAdmin/resetpwdbatch_handler.php'
Success
You do not need to change the password to see Success.
