diff options
Diffstat (limited to 'doc/security/reset_user_password.md')
-rw-r--r-- | doc/security/reset_user_password.md | 93 |
1 files changed, 57 insertions, 36 deletions
diff --git a/doc/security/reset_user_password.md b/doc/security/reset_user_password.md index fc808452736..ed7b9f89616 100644 --- a/doc/security/reset_user_password.md +++ b/doc/security/reset_user_password.md @@ -7,70 +7,91 @@ type: howto # How to reset user password -To reset the password of a user, first log into your server with root privileges. +There are a few ways to reset the password of a user. -Start a Ruby on Rails console with this command: +## Rake Task + +GitLab provides a Rake Task to reset passwords of users using their usernames, +which can be invoked by the following command: ```shell -gitlab-rails console -e production +sudo gitlab-rake "gitlab:password:reset" ``` -Wait until the console has loaded. - -## Find the user +You will be asked for username, password, and password confirmation. Upon giving +proper values for them, the password of the specified user will be updated. -There are multiple ways to find your user. You can search by email or user ID number. +The Rake task also takes the username as an argument, as shown in the example +below: ```shell -user = User.where(id: 7).first +sudo gitlab-rake "gitlab:password:reset[johndoe]" ``` -or +NOTE: +To reset the default admin password, run this Rake task with the username +`root`, which is the default username of that admin account. -```shell -user = User.find_by(email: 'user@example.com') -``` +## Rails console -## Reset the password +The Rake task is capable of finding users via their usernames. However, if only +user ID or email ID of the user is known, Rails console can be used to find user +using user ID and then change password of the user manually. -Now you can change your password: +1. Start a Rails console -```shell -user.password = 'secret_pass' -user.password_confirmation = 'secret_pass' -``` + ```shell + sudo gitlab-rails console -e production + ``` -It's important that you change both password and password_confirmation to make it work. +1. Find the user either by user ID or email ID: -When using this method instead of the [Users API](../api/users.md#user-modification), GitLab sends an email to the user stating that the user changed their password. + ```ruby + user = User.find(123) -If the password was changed by an administrator, execute the following command to notify the user by email: + #or -```shell -user.send_only_admin_changed_your_password_notification! -``` + user = User.find_by(email: 'user@example.com') + ``` -Don't forget to save the changes. +1. Reset the password -```shell -user.save! -``` + ```ruby + user.password = 'secret_pass' + user.password_confirmation = 'secret_pass' + ``` + +1. When using this method instead of the [Users API](../api/users.md#user-modification), + GitLab sends an email to the user stating that the user changed their + password. If the password was changed by an administrator, execute the + following command to notify the user by email: + + ```ruby + user.send_only_admin_changed_your_password_notification! + ``` -Exit the console, and then try to sign in with your new password. +1. Save the changes: + + ```ruby + user.save! + ``` + +1. Exit the console, and then try to sign in with your new password. NOTE: You can also reset passwords by using the [Users API](../api/users.md#user-modification). -### Reset your root password +## Reset your root password -The previously described steps can also be used to reset the root password. First, -identify the root user, with an `id` of `1`. To do so, run the following command: +The previously described steps can also be used to reset the root password. -```shell -user = User.where(id: 1).first -``` +In normal installations where the username of root account hasn't been changed +manually, the Rake task can be used with username `root` to reset the root +password. -After finding the user, follow the steps mentioned in the [Reset the password](#reset-the-password) section to reset the password of the root user. +If the username was changed to something else and has been forgotten, one +possible way is to reset the password using Rails console with user ID `1` (in +almost all the cases, the first user will be the default admin account). <!-- ## Troubleshooting |