Introduction

This task will send out notification to all users with static passwords that are due to expire.

Static Password expiry is determined by the "Expiration Notice (days)" and "Send Notice by:" property settings in the Static Password policy settings;

The "Expiration Notice (days)" setting determines how many days notice is required for the noticfication, and the "Send Notice by:" determines how the notification is to be sent.

The task can be found by navigating to "Administration | Tasks", then scrolling down to the task "Password Notification Service";

Task Parameters

The task parameters are used by the task script to determine which tokens are to be deleted and are edited by left clicking on the context menu of the task and selecting "Parameters";

A new window titled "Task Parameters" will now open that lists the parameters making them available for editing, and the default parameters for this task are as follows;





Specify the computer name of the server the task is to be run on,.


If you have multiple DualShield backend servers, then you need to specify the computer name of the server that will run this task

Select the parameter "Server" then click the  button, and a new window titled "Parameter - Edit" will open;

At the parameter "Default Value:" supply the name of the server the task is to run on., then click  to update the parameter.

  • Before tasks are scheduled (or run manually), we should provide the task parameters that are used during processing of the task script.

    To access the task parameters left click on the context menu of the task then select "Parameters";

    A new window titled "Task Parameters" will now open that lists the parameters that have been created for this task (see example below);



    Specify the domain that assigned users of the tokens must be members of if the tokens are to be deleted by the task.

    Specifies the Product Code of the tokens to be deleted.


    Specifies if only inactive tokens are to be deleted when the task is run.

    In the top right hand corner of this window are the buttons that all viewing, editing and deletion of task parameters;

    To edit one of the listed parameters first select the parameter to be edited then click on the button.

    A new window will now open that will allow you to edit the parameter (example below);

    In most cases the only value that should be changed is the "Default Value" setting.

    If the default value is updated, and the button is pressed, then this new value will be used by the task script next time the task is run.

Editing and Scheduling the Task

Viewing and Editing the task

The task can be edited by left clicking on the context menu of the task and selecting "Edit";

A new window will now open titled "Task - Edit";




Enter the name to be assigned to the task within the management console.


Enter a description of what the task will do.


The version number of the task.


This field is used to specify when the task is scheduled to execute.


This field will determine if the task schedule is enabled (if enabled the task will execute at the scheduled time).


Specifies how many times the task should be repeated after the task is executed.



import com.deepnet.das.services.PasswordNotificationService
import com.deepnet.das.util.Util

if(server && ! InetAddress.getLocalHost().getHostName().equalsIgnoreCase(server)){
            setEndMessage("Task execution has been bypassed")
            return;
        }

                Util.getBean("passwordNotificationService", PasswordNotificationService.class).sendPasswordNotification()


Scheduling the Task

Select the "Enable Schedule" checkbox to ensure the task schedule is activated, then use the pencil icon ("")  to specify the time and frequency settings for automated task execution.

  • Tasks can be scheduled for automatic execution by selecting the "Schedule Enable" option then clicking on the icon;

    When the is pressed a window will open titled "Schedule" that can be used to specify the when the report is scheduled to run; 


    As an example, we can schedule the report to run at 1am every weekday using the following settings;

    After clicking on the schedule details will be converted into text form and added against the report parameter "Schedule"; 

Manual Task Execution

The task can be run manually from the management console by left click on the context menu of the task, then selecting "Run";

A new window will open titled "Run Task" will then open (the window will be populated with the default task property values);




Provide a brief description that will be used to describe the purpose of the task in the audit logs that should be retained in the database after the purge has been performed.

Specify the computer name of the server the task is to be run on,.


To execute the task click  the  button.

  • Tasks can be run manually from the management console by left click on the context menu of the task, then selecting "Run";

    A new window will open titled "Execute Task" will then open (the window will be populated with the default task property values for this task (example below);




    Provide a brief description that will be used to describe the purpose of the task in the audit log.


    Specify the domain that assigned users of the tokens must be members of if the tokens are to be deleted by the task.

    If specified, this property will restrict token deletion to tokens that are assigned to users who are members of the selected Unit.


    If supplied this parameter specifies that only tokens with the specified Product will be deleted.



    Specifies if only inactive tokens are to be deleted when the task is run.



    Before manually running the task the system administrator has the opportunity to temporarily replace these default values (the default values will return to their original state after the task has run).

    When you have finished supplying the property settings, the task can be manually run by clicking on the  button. 

Policy Settings

When the task is run it will examine the static password policy setting "Expiration Notice (days)" setting to determine if notification should be sent out to the affected user.

As an example, the following policy setting will cause the task to send out notifications when the password is due to expire in 40 days;

In the above example we want to provide 40 days notice, and we want the notification to be sent by email.  When the task is run if the password is due to expire within the next 40 days the user will receive notification by email.

Naturally you would probably use a lower value than 40 days notice but don't lower this value to zero (expecting notification on the day the password expires) as the policy setting will interpret this as an instruction not to send expiration notices.

If the task is run, and notification is sent, then the user will receive a notification email similar to the example below;

  • No labels