Configuration Properties to Execute Commands After Changing Passwords
After changing passwords, executing some commands might be needed in some specific cases, such as killing active sessions in the device that were started with the previous password. For these commands to be executed the following properties must be set in the configurations with SSH and SMB strategies:
post.command | The commands that are to be executed on the server after a successful password change. Multiple commands can be separated with \n characters. |
|---|---|
post.command.failure.pattern | If the pattern defined in this property is found in the “post-command” results, the command is accepted as "FAILED", and command execution is stopped. The remaining commands are not executed if the “post.command.stop.on.fail” property is set as “true”. |
post.command.stop.on.fail | When the property value is set as “true”, if any failure occurs during post command execution, the remaining commands are not executed. The default value is “false”. |
execute.post.command.with.super.user | If it is set as “true”, the super user credentials defined by the “super.username” and “super.password” properties are used to run the commands after the password change. The default value is “false”, meaning the SAPM account username and password are used to run the commands after the password change. |
When using an SSH strategy the last command in the post.command property must be a logout command.
Windows Example
post.command | net stop Dnscache\nnet start Dnscache |
|---|---|
post.command.failure.pattern | .*invalid.* |
post.command.stop.on.fail | false |
execute.post.command.with.super.user | true |
Linux Example
post.command | systemctl restart rsyslog\nlogout |
|---|---|
post.command.failure.pattern | .*Failed.* |
post.command.stop.on.fail | true |
execute.post.command.with.super.user | true |