security login password-prepare-to-downgrade
Reset password features introduced in the Data ONTAP version
Availability: This command is available to cluster administrators at the advanced privilege level.
Description
If the password of the system administrator is not encrypted with an encryption type supported by releases earlier than ONTAP 9.0, this command prompts the administrator for a new password and encrypt it using a supported encryption type on each cluster or at each site in a MetroCluster configuration. In a MetroCluster configuration, this command must be run on both sites. The password for all other users are marked as "expired". This causes them to be re-encrypted using a compatible encryption type. The expired passwords are changed with an internally generated password. The administrator must change the passwords for all users before the users can login. The users are prompted to change their password upon login. This command disables the logging of unsuccessful login attempts. The command must be run by a user with the cluster admin role from a clustershell session on the console device. This user must be unlocked. If you fail to run this command, the revert process fails.
Parameters
-disable-feature-set <downgrade version>
- Data ONTAP Version (privilege: advanced)-
This parameter specifies the ONTAP version that introduced the password feature set.
Examples
The following command disables the logging of unsuccessful login attempts.
cluster1::*> security login password prepare-to-downgrade -disable-feature-set 8.3.1 Warning: This command will disable the MOTD feature that prints unsuccessful login attempts. Do you want to continue? {y|n}: y cluster1::*>
The following command prompts system administrator to enter password and encrypt it with the hashing algorithm supported by releases earlier than ONTAP 9.0.
cluster1::*> security login password prepare-to-downgrade -disable-feature-set 9.0.0 Warning: If your password is not encrypted with an encryption type supported by releases earlier than ONTAP 9.0.0, this command will prompt you for a new password and encrypt it using a supported encryption type on each cluster or at each site in a MetroCluster configuration. In a MetroCluster configuration, this command must be run on both sites. The password for all other users are marked as "expired" and changed to an internally generated password. The administrator must change the passwords for all users before the users can login. The users are prompted to change their password upon login. Do you want to continue? {y|n}: Enter a new password: Enter it again: cluster1::*>