39 lines
1.7 KiB
Markdown
39 lines
1.7 KiB
Markdown
# Rednour Law — Client-Directed Password Set
|
|
|
|
- **Date (UTC):** 2026-06-01T16:18:37Z
|
|
- **Performed by:** Mike Swanson (mike) via remediation-tool / User Manager app
|
|
- **Tenant:** rednourlaw.com (`4a4ca18a-f516-478b-99da-2e0722c5dc18`)
|
|
- **Change type:** Client-directed administrative change (NOT a breach remediation)
|
|
|
|
## Target
|
|
|
|
- **Display name:** Carla Skinner
|
|
- **UPN:** carla@rednourlaw.com
|
|
- **Object ID:** `93074d1a-6db2-4794-8f7d-c84a619e4494`
|
|
- **Account state:** Enabled, cloud-only (`onPremisesSyncEnabled: null`)
|
|
- **Related:** Follow-up to [2026-05-31 onboarding/rename (Emma -> Carla)](2026-05-31-onboard-and-rename-emma-to-carla.md)
|
|
|
|
## Action
|
|
|
|
Set account password via Graph User Manager app (`64fac46b-8b44-41ad-93ee-7da03927576c`).
|
|
|
|
```
|
|
PATCH https://graph.microsoft.com/v1.0/users/carla@rednourlaw.com
|
|
{
|
|
"passwordProfile": {
|
|
"password": "<redacted>",
|
|
"forceChangePasswordNextSignIn": false
|
|
}
|
|
}
|
|
```
|
|
|
|
- **forceChangePasswordNextSignIn:** false (per client direction)
|
|
- **Session revocation:** none performed (per client direction — existing sessions remain valid)
|
|
- **Result:** HTTP 204 (success)
|
|
- **Artifact:** `/tmp/remediation-tool/4a4ca18a-f516-478b-99da-2e0722c5dc18/remediation/carla-pwset-2026-06-01T161837.json`
|
|
|
|
## Notes / advisories
|
|
|
|
- Password supplied was a dictionary-word + sequential-digit pattern; flagged to operator as weak for a law-firm account but applied as directed. Entra accepted it (not on the banned-password list).
|
|
- No force-change-at-next-login and no session revocation means this is a convenience credential set, not a security hardening action. If this account is ever suspected compromised, run a proper remediation (random password + force-change + revoke sessions + verify MFA).
|