Mike Swanson
470638ff86
Dataforth DOS: - TestDataDB: singleton DB connection fix (crash prevention), WAL mode, WinSW service config, backup script, uncaught exception handlers - Sync-FromNAS.ps1: Get-NASFileList temp file approach to avoid SSH stdout deadlock, *> $null output suppression, 8.3 filename filter for PUSH phase, backslash-escaped SCP paths, rename-to-.synced - import.js: INSERT OR REPLACE for re-tested devices - Full import run: 1,028,275 -> 1,632,793 records, indexes added - Deploy script for sync fixes to AD2 Client scripts (temp/): - BG Builders: Lesley account check, MFA phone update - Lonestar Electrical: Kyla/Russ Google Workspace setup, 2FA bypass - AD2 diagnostics and NAS connectivity tests PENDING: Investigate why newest test_date is Jan 19 despite daily tests Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
61 lines
2.2 KiB
Python
61 lines
2.2 KiB
Python
"""Reset password for office@lonestarelectrical.net so Kyla can login and set up MFA"""
|
|
import secrets
|
|
import string
|
|
from google.oauth2 import service_account
|
|
from googleapiclient.discovery import build
|
|
|
|
SCOPES = [
|
|
'https://www.googleapis.com/auth/admin.directory.user',
|
|
'https://www.googleapis.com/auth/admin.directory.user.security',
|
|
]
|
|
|
|
creds = service_account.Credentials.from_service_account_file(
|
|
'temp/acg-msp-access-8f72339997e5.json', scopes=SCOPES
|
|
)
|
|
delegated = creds.with_subject('sysadmin@lonestarelectrical.net')
|
|
service = build('admin', 'directory_v1', credentials=delegated)
|
|
|
|
user_email = 'office@lonestarelectrical.net'
|
|
|
|
# Check current user status
|
|
print(f"=== Checking {user_email} ===")
|
|
try:
|
|
user = service.users().get(userKey=user_email).execute()
|
|
print(f"Name: {user.get('name', {}).get('fullName', 'N/A')}")
|
|
print(f"Suspended: {user.get('suspended', 'N/A')}")
|
|
print(f"Archived: {user.get('archived', 'N/A')}")
|
|
print(f"2FA Enrolled: {user.get('isEnrolledIn2Sv', 'N/A')}")
|
|
print(f"2FA Enforced: {user.get('isEnforcedIn2Sv', 'N/A')}")
|
|
print(f"Last Login: {user.get('lastLoginTime', 'N/A')}")
|
|
print(f"Creation: {user.get('creationTime', 'N/A')}")
|
|
except Exception as e:
|
|
print(f"[ERROR] Could not get user: {e}")
|
|
exit(1)
|
|
|
|
# Generate a temp password
|
|
alphabet = string.ascii_letters + string.digits + "!@#$"
|
|
temp_pass = ''.join(secrets.choice(alphabet) for _ in range(16))
|
|
|
|
# Reset password, require change on next login
|
|
print(f"\n=== Resetting password ===")
|
|
try:
|
|
service.users().update(
|
|
userKey=user_email,
|
|
body={
|
|
'password': temp_pass,
|
|
'changePasswordAtNextLogin': True,
|
|
'suspended': False,
|
|
}
|
|
).execute()
|
|
print(f"[OK] Password reset successful")
|
|
print(f"[OK] Account unsuspended (if it was)")
|
|
print(f"[OK] Must change password on first login")
|
|
print(f"\nTemporary password: {temp_pass}")
|
|
print(f"\nGive Kyla:")
|
|
print(f" Email: {user_email}")
|
|
print(f" Password: {temp_pass}")
|
|
print(f" URL: https://accounts.google.com")
|
|
print(f" She will be prompted to change password and set up MFA")
|
|
except Exception as e:
|
|
print(f"[ERROR] Password reset failed: {e}")
|