Mass Password Reset Scenarios
Mass Password Reset (MPR) can be triggered by MPR administrators through the web user interface as pre-defined requests (PDRs). The following direct CLI execution is primarily for advanced scenarios or troubleshooting.
Mass Onboard
User Group Creation: Create missing user groups on vault user target
Group Membership: Add users to appropriate groups
Vault Discovery: Perform target resync on vault system
Password Generation: Generate initial passwords for backing accounts
Account Updates: Set initial passwords on target systems
Vault Account Creation: Create vault accounts with proper linking
python mass_onboard.py \ --target TARGET_ID1 TARGET_ID2 \ --vault-user-target VAULT_USER_TARGET_ID \ --vault-target VAULT_TARGET_ID \ --vault-association-attribute ASSOC_ATTR \ --vault-group-attribute GROUP_ATTR \ --vault-link-attribute LINK_ATTR \ --vault-template-id TEMPLATE_ID \ --base-url https://<host>/<instance> \ --username restapi_account \ --password restapi_password \ --batch-size 256 \ --report
Mass Onboard Parameters
--target : One or more target system IDs to process --vault-user-target : Target system for user/group management --vault-target : Target system for credential storage --vault-association-attribute : Attribute for associating vault accounts --vault-group-attribute : Attribute for vault account groups --vault-link-attribute : Attribute linking vault to backing accounts --vault-template-id : Template ID for creating vault accounts --base-url : Base URL of the Bravura instance --username : Service account username for REST API --password : Service account password for REST API --batch-size : Batch size for processing (default: 256, minimum: 32) --report : Generate detailed SQLite report database
Mass Password Reset
Password Generation: Generate new passwords for existing account pairs
Account Updates: Update backing accounts with new passwords
Vault Synchronization: Update vault accounts with same passwords
python mass_password_reset.py \ --target TARGET_ID1 TARGET_ID2 \ --vault-target VAULT_TARGET_ID \ --vault-link-attribute LINK_ATTR_NAME \ --base-url https://<host>/<instance> \ --username restapi_account \ --password restapi_password \ --batch-size 256 \ --report
Mass Password Reset Parameters
--target : One or more target system IDs to process --vault-target : Target system ID for credential storage --vault-link-attribute : Attribute name linking vault to backing accounts --base-url : Base URL of the Bravura instance --username : Service account username for REST API --password : Service account password for REST API --batch-size : Batch size for processing (default: 256, minimum: 32) --report : Generate detailed SQLite report database
Single User Offboard
Used when employees leave the organization (run as needed):
User Group Member Addition: Add inheriting user to departing user's groups
Account Association Updates: Transfer account associations from departing to inheriting user
User Group Deletion: Remove departing user from user groups
Vault Discovery: Run auto discovery to update vault access permissions
python single_user_offboard.py \ --user-to-offboard DEPARTING_USER_ID \ --user-to-inherit INHERITING_USER_ID \ --target TARGET_ID1 TARGET_ID2 \ --vault-target VAULT_TARGET_ID \ --vault-association-attribute ASSOC_ATTR \ --vault-link-attribute LINK_ATTR \ --base-url https://<host>/<instance> \ --username restapi_account \ --password restapi_password
Single User Offboard Parameters
--user-to-offboard : User ID of the employee leaving the organization --user-to-inherit : User ID of the employee inheriting access --target : One or more target system IDs to process --vault-target : Target system ID for credential storage --vault-association-attribute : Attribute for associating vault accounts --vault-link-attribute : Attribute for storing backing account ID --base-url : Base URL of the Bravura instance --username : Service account username for REST API --password : Service account password for REST API