How to Transfer Users with active password policy











up vote
2
down vote

favorite












I want to transfer users from our QA environment to the PROD environment on Sitecore.NET 8.2 (rev. 170728).



It is totally fine if the users are deactivated and have a random password set. Unfortunately it seems like I cannot import any user since the default or empty password does not meet the password policy requirements. How can I import the users?



I do have access to the serialization files, so I can edit them if that helps. On other environments, I temporarily changed the config, but I cannot do that on PROD.










share|improve this question


















  • 1




    Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
    – Marek Musielak
    2 days ago










  • Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
    – Markus
    2 days ago






  • 2




    kb.sitecore.net/articles/242631 did you try this solution ?
    – Vlad Iobagiu
    2 days ago










  • I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
    – Markus
    2 days ago















up vote
2
down vote

favorite












I want to transfer users from our QA environment to the PROD environment on Sitecore.NET 8.2 (rev. 170728).



It is totally fine if the users are deactivated and have a random password set. Unfortunately it seems like I cannot import any user since the default or empty password does not meet the password policy requirements. How can I import the users?



I do have access to the serialization files, so I can edit them if that helps. On other environments, I temporarily changed the config, but I cannot do that on PROD.










share|improve this question


















  • 1




    Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
    – Marek Musielak
    2 days ago










  • Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
    – Markus
    2 days ago






  • 2




    kb.sitecore.net/articles/242631 did you try this solution ?
    – Vlad Iobagiu
    2 days ago










  • I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
    – Markus
    2 days ago













up vote
2
down vote

favorite









up vote
2
down vote

favorite











I want to transfer users from our QA environment to the PROD environment on Sitecore.NET 8.2 (rev. 170728).



It is totally fine if the users are deactivated and have a random password set. Unfortunately it seems like I cannot import any user since the default or empty password does not meet the password policy requirements. How can I import the users?



I do have access to the serialization files, so I can edit them if that helps. On other environments, I temporarily changed the config, but I cannot do that on PROD.










share|improve this question













I want to transfer users from our QA environment to the PROD environment on Sitecore.NET 8.2 (rev. 170728).



It is totally fine if the users are deactivated and have a random password set. Unfortunately it seems like I cannot import any user since the default or empty password does not meet the password policy requirements. How can I import the users?



I do have access to the serialization files, so I can edit them if that helps. On other environments, I temporarily changed the config, but I cannot do that on PROD.







security user-management serialization






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked 2 days ago









Markus

23928




23928








  • 1




    Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
    – Marek Musielak
    2 days ago










  • Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
    – Markus
    2 days ago






  • 2




    kb.sitecore.net/articles/242631 did you try this solution ?
    – Vlad Iobagiu
    2 days ago










  • I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
    – Markus
    2 days ago














  • 1




    Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
    – Marek Musielak
    2 days ago










  • Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
    – Markus
    2 days ago






  • 2




    kb.sitecore.net/articles/242631 did you try this solution ?
    – Vlad Iobagiu
    2 days ago










  • I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
    – Markus
    2 days ago








1




1




Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
– Marek Musielak
2 days ago




Have you tried using packages? When you use serialization, password is always set to b, with packages, random password is generated. Maybe try to set password policy requirements on QA first and then generate package with users?
– Marek Musielak
2 days ago












Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
– Markus
2 days ago




Same applies to Packages, none of the users are imported. Is there a Setting of how random passwords are generated?
– Markus
2 days ago




2




2




kb.sitecore.net/articles/242631 did you try this solution ?
– Vlad Iobagiu
2 days ago




kb.sitecore.net/articles/242631 did you try this solution ?
– Vlad Iobagiu
2 days ago












I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
– Markus
2 days ago




I have not. Since the users are not imported at all, I probably won't be able to sync the passwords. Anyway, I don't want to transfer users on DB Level since this is exactly what the user migration is supposed to do... at least that's what I think :-)
– Markus
2 days ago










3 Answers
3






active

oldest

votes

















up vote
2
down vote



accepted










There is a config settings you can use called SerializationPassword.



Just use a config patch file with





<settings>
<setting name="SerializationPassword" value="Secret!@#" />
</settings>


and deserialize your serialized users after.



Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



You can deserialize you users in PROD and then change they passwords to whatever you want manually.






share|improve this answer



















  • 1




    That sounds exactly like what I need! I will let you know if it worked.
    – Markus
    2 days ago










  • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
    – Markus
    2 days ago












  • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
    – Marek Musielak
    2 days ago


















up vote
0
down vote













Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




  1. Open Microsoft SQL Server Management Studio

  2. Connect to SQL server with Sitecore Core QA database

  3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

  4. Select all tables, where name starts with "aspnet_" on first page of wizard

  5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

  6. Generate script

  7. Backup Sitecore Core Production Database

  8. Run script generated from Core QA database on Core Production database






share|improve this answer





















  • I know that I can transfer users on a DB level, but that is not what I want to do.
    – Markus
    2 days ago


















up vote
0
down vote













One addition to Mareks answer:



Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



MinimumCharacters = 6;
MaximumCharacters = 8;
ConsecutiveCharacters = false;
RepeatCharacters = true;
ExcludeSymbols = true;


So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.






share|improve this answer





















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "664"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














     

    draft saved


    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsitecore.stackexchange.com%2fquestions%2f15060%2fhow-to-transfer-users-with-active-password-policy%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    2
    down vote



    accepted










    There is a config settings you can use called SerializationPassword.



    Just use a config patch file with





    <settings>
    <setting name="SerializationPassword" value="Secret!@#" />
    </settings>


    and deserialize your serialized users after.



    Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



    You can deserialize you users in PROD and then change they passwords to whatever you want manually.






    share|improve this answer



















    • 1




      That sounds exactly like what I need! I will let you know if it worked.
      – Markus
      2 days ago










    • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
      – Markus
      2 days ago












    • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
      – Marek Musielak
      2 days ago















    up vote
    2
    down vote



    accepted










    There is a config settings you can use called SerializationPassword.



    Just use a config patch file with





    <settings>
    <setting name="SerializationPassword" value="Secret!@#" />
    </settings>


    and deserialize your serialized users after.



    Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



    You can deserialize you users in PROD and then change they passwords to whatever you want manually.






    share|improve this answer



















    • 1




      That sounds exactly like what I need! I will let you know if it worked.
      – Markus
      2 days ago










    • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
      – Markus
      2 days ago












    • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
      – Marek Musielak
      2 days ago













    up vote
    2
    down vote



    accepted







    up vote
    2
    down vote



    accepted






    There is a config settings you can use called SerializationPassword.



    Just use a config patch file with





    <settings>
    <setting name="SerializationPassword" value="Secret!@#" />
    </settings>


    and deserialize your serialized users after.



    Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



    You can deserialize you users in PROD and then change they passwords to whatever you want manually.






    share|improve this answer














    There is a config settings you can use called SerializationPassword.



    Just use a config patch file with





    <settings>
    <setting name="SerializationPassword" value="Secret!@#" />
    </settings>


    and deserialize your serialized users after.



    Sitecore will set all your new users' passwords to Secret!@# (or whatever value you want) instead of default b which is used when the setting is not present.



    You can deserialize you users in PROD and then change they passwords to whatever you want manually.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited 2 days ago

























    answered 2 days ago









    Marek Musielak

    9,22811034




    9,22811034








    • 1




      That sounds exactly like what I need! I will let you know if it worked.
      – Markus
      2 days ago










    • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
      – Markus
      2 days ago












    • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
      – Marek Musielak
      2 days ago














    • 1




      That sounds exactly like what I need! I will let you know if it worked.
      – Markus
      2 days ago










    • It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
      – Markus
      2 days ago












    • Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
      – Marek Musielak
      2 days ago








    1




    1




    That sounds exactly like what I need! I will let you know if it worked.
    – Markus
    2 days ago




    That sounds exactly like what I need! I will let you know if it worked.
    – Markus
    2 days ago












    It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
    – Markus
    2 days ago






    It works, I can use Powershell to serialize & deserialize the users now. Thanks! One issue I had was that my SQL Server went down when I used a randomly generated strong password. The setting might be insufficiently escaped, so be careful. It might also be an unrelated issue on my DEV machine though.
    – Markus
    2 days ago














    Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
    – Marek Musielak
    2 days ago




    Sitecore uses Membership.CreateUser(userName, password); by default. I don't see any reason why it could cause your SQL Server to go down even with the most sophisticated password. I suppose it was not related to deserialization of your users.
    – Marek Musielak
    2 days ago










    up vote
    0
    down vote













    Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




    1. Open Microsoft SQL Server Management Studio

    2. Connect to SQL server with Sitecore Core QA database

    3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

    4. Select all tables, where name starts with "aspnet_" on first page of wizard

    5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

    6. Generate script

    7. Backup Sitecore Core Production Database

    8. Run script generated from Core QA database on Core Production database






    share|improve this answer





















    • I know that I can transfer users on a DB level, but that is not what I want to do.
      – Markus
      2 days ago















    up vote
    0
    down vote













    Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




    1. Open Microsoft SQL Server Management Studio

    2. Connect to SQL server with Sitecore Core QA database

    3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

    4. Select all tables, where name starts with "aspnet_" on first page of wizard

    5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

    6. Generate script

    7. Backup Sitecore Core Production Database

    8. Run script generated from Core QA database on Core Production database






    share|improve this answer





















    • I know that I can transfer users on a DB level, but that is not what I want to do.
      – Markus
      2 days ago













    up vote
    0
    down vote










    up vote
    0
    down vote









    Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




    1. Open Microsoft SQL Server Management Studio

    2. Connect to SQL server with Sitecore Core QA database

    3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

    4. Select all tables, where name starts with "aspnet_" on first page of wizard

    5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

    6. Generate script

    7. Backup Sitecore Core Production Database

    8. Run script generated from Core QA database on Core Production database






    share|improve this answer












    Sitecore membership is based on ASP.Net membership. It means that you can use same approach for moving users from one DB to another. It is low-level actions with data that could give you better understanding how users/roles information is managed in Sitecore.




    1. Open Microsoft SQL Server Management Studio

    2. Connect to SQL server with Sitecore Core QA database

    3. Click right mouse button on Sitecore Core QA database, select "Generate scripts..." from context menu

    4. Select all tables, where name starts with "aspnet_" on first page of wizard

    5. Click "Advanced" button on second page of wizard. Select "Types of data to script":"Data only", "Script DROP and CREATE":"Script DROP and CREATE"

    6. Generate script

    7. Backup Sitecore Core Production Database

    8. Run script generated from Core QA database on Core Production database







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered 2 days ago









    Anton

    1,511213




    1,511213












    • I know that I can transfer users on a DB level, but that is not what I want to do.
      – Markus
      2 days ago


















    • I know that I can transfer users on a DB level, but that is not what I want to do.
      – Markus
      2 days ago
















    I know that I can transfer users on a DB level, but that is not what I want to do.
    – Markus
    2 days ago




    I know that I can transfer users on a DB level, but that is not what I want to do.
    – Markus
    2 days ago










    up vote
    0
    down vote













    One addition to Mareks answer:



    Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



    MinimumCharacters = 6;
    MaximumCharacters = 8;
    ConsecutiveCharacters = false;
    RepeatCharacters = true;
    ExcludeSymbols = true;


    So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.






    share|improve this answer

























      up vote
      0
      down vote













      One addition to Mareks answer:



      Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



      MinimumCharacters = 6;
      MaximumCharacters = 8;
      ConsecutiveCharacters = false;
      RepeatCharacters = true;
      ExcludeSymbols = true;


      So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.






      share|improve this answer























        up vote
        0
        down vote










        up vote
        0
        down vote









        One addition to Mareks answer:



        Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



        MinimumCharacters = 6;
        MaximumCharacters = 8;
        ConsecutiveCharacters = false;
        RepeatCharacters = true;
        ExcludeSymbols = true;


        So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.






        share|improve this answer












        One addition to Mareks answer:



        Unfortunately the logic for passwords in package deserialization is completely different. It uses a class called PasswordGenerator, which is initialized with the following parameters:



        MinimumCharacters = 6;
        MaximumCharacters = 8;
        ConsecutiveCharacters = false;
        RepeatCharacters = true;
        ExcludeSymbols = true;


        So if your password policy requires longer passwords or symbols, this functionality is pretty much unusable.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered yesterday









        Markus

        23928




        23928






























             

            draft saved


            draft discarded



















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsitecore.stackexchange.com%2fquestions%2f15060%2fhow-to-transfer-users-with-active-password-policy%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

            Alcedinidae

            Origin of the phrase “under your belt”?