View Source

Introduction

This task will send out notification to all users with static passwords that are due to expire.

Static Password expiry is determined by the "Expiration Notice (days)" and "Send Notice by:" property settings in the Static Password policy settings;

DualShield MFA Platform > Password Notification Service > image2023-10-19_12-32-36.png

The "Expiration Notice (days)" setting determines how many days notice is required for the noticfication, and the "Send Notice by:" determines how the notification is to be sent.

The task can be found by navigating to "Administration | Tasks", then scrolling down to the task "Password Notification Service";

DualShield MFA Platform > Password Notification Service > image2023-9-7_11-40-47.png

Task Parameters

The task parameters are used by the task script to determine which tokens are to be deleted and are edited by left clicking on the context menu of the task and selecting "Parameters";

DualShield MFA Platform > Password Notification Service > image2023-9-7_11-43-23.png

A new window titled "Task Parameters" will now open that lists the parameters making them available for editing, and the default parameters for this task are as follows;

DualShield MFA Platform > Password Notification Service > image2023-9-7_11-43-46.png

Specify the computer name of the server the task is to be run on,.

If you have multiple DualShield backend servers, then you need to specify the computer name of the server that will run this task

Select the parameter "Server" then click the button, and a new window titled "Parameter - Edit" will open;

DualShield MFA Platform > Password Notification Service > image2023-10-16_11-16-33.png

At the parameter "Default Value:" supply the name of the server the task is to run on., then click to update the parameter.

Editing and Scheduling the Task

Viewing and Editing the task

The task can be edited by left clicking on the context menu of the task and selecting "Edit";

DualShield MFA Platform > Password Notification Service > image2023-9-7_11-47-7.png

A new window will now open titled "Task - Edit";

DualShield MFA Platform > Password Notification Service > image2023-9-7_11-47-30.png

Enter the name to be assigned to the task within the management console.

Enter a description of what the task will do.

The version number of the task.

This field is used to specify when the task is scheduled to execute.

This field will determine if the task schedule is enabled (if enabled the task will execute at the scheduled time).

Specifies how many times the task should be repeated after the task is executed.

import com.deepnet.das.services.PasswordNotificationService
import com.deepnet.das.util.Util

if(server && ! InetAddress.getLocalHost().getHostName().equalsIgnoreCase(server)){
setEndMessage("Task execution has been bypassed")
return;
}

Util.getBean("passwordNotificationService", PasswordNotificationService.class).sendPasswordNotification()

Scheduling the Task

Select the "Enable Schedule" checkbox to ensure the task schedule is activated, then use the pencil icon ("") to specify the time and frequency settings for automated task execution.

DualShield MFA Platform > Password Notification Service > image2023-9-7_11-48-37.png

Manual Task Execution

The task can be run manually from the management console by left click on the context menu of the task, then selecting "Run";

DualShield MFA Platform > Password Notification Service > image2023-9-7_11-51-2.png

A new window will open titled "Run Task" will then open (the window will be populated with the default task property values);

DualShield MFA Platform > Password Notification Service > image2023-9-28_18-57-34.png

Provide a brief description that will be used to describe the purpose of the task in the audit logs that should be retained in the database after the purge has been performed.

Specify the computer name of the server the task is to be run on,.

To execute the task click the button.

Policy Settings

When the task is run it will examine the static password policy setting "Expiration Notice (days)" setting to determine if notification should be sent out to the affected user.

As an example, the following policy setting will cause the task to send out notifications when the password is due to expire in 40 days;

DualShield MFA Platform > Password Notification Service > image2023-10-19_12-21-4.png

In the above example we want to provide 40 days notice, and we want the notification to be sent by email. When the task is run if the password is due to expire within the next 40 days the user will receive notification by email.

Naturally you would probably use a lower value than 40 days notice but don't lower this value to zero (expecting notification on the day the password expires) as the policy setting will interpret this as an instruction not to send expiration notices.

If the task is run, and notification is sent, then the user will receive a notification email similar to the example below;

DualShield MFA Platform > Password Notification Service > image2023-10-19_12-29-32.png