From 6973736c6a676f84463b225331e03a1fe3a65643 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 23 Oct 2018 09:16:15 -0400 Subject: [PATCH] Set password before setting username The BMC is at much higher risk for rejecting the password (e.g. the password does not pass complexity requirements). If the username changes, but the password is still default, it is very confusing. Give the password change the chance to break the configuration process first. --- confluent_server/confluent/discovery/handlers/bmc.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/confluent_server/confluent/discovery/handlers/bmc.py b/confluent_server/confluent/discovery/handlers/bmc.py index 5f053716..fe86876d 100644 --- a/confluent_server/confluent/discovery/handlers/bmc.py +++ b/confluent_server/confluent/discovery/handlers/bmc.py @@ -124,16 +124,18 @@ class NodeHandler(generic.NodeHandler): if currusers[uid]['name'] == newuser: # Use existing account that has been created newuserslot = uid + if newpass != passwd: # don't mess with existing if no change + ic.set_user_password(newuserslot, password=newpass) break else: newuserslot = lockedusers + 1 if newuserslot < 2: newuserslot = 2 + if newpass != passwd: # don't mess with existing if no change + ic.set_user_password(newuserslot, password=newpass) ic.set_user_name(newuserslot, newuser) ic.set_user_access(newuserslot, lanchan, privilege_level='administrator') - if newpass != passwd: # don't mess with existing if no change - ic.set_user_password(newuserslot, password=newpass) # Now to zap others for uid in currusers: if uid != newuserslot: