Reset User Password
Contributors
Download PDF of this page
Reset user password steps
-
Navigate to the Used Detail page in VDS
-
Find the Password Section, enter the new PW twice and click
Time to take effect
-
For environments running an “Internal” AD on VMs in the environment the password change should take effect immediately.
-
For environments running Azure AD Domain Services (AADDS) the password change should take about 20 minutes to take effect.
-
The AD type can be determined on the Deployment Details Page:
Self service password reset (SSRP)
The NetApp VDS Windows client and the NetApp VDS web client will provide a prompt for users that enter an incorrect password when logging into a v5.2 (or later) virtual desktop deployment. In the event that the user has locked their account, this process will unlock a user’s account as well.
Note: users must have already entered a mobile phone number or an email address for this process to work.
SSPR is supported with:
-
NetApp VDS Window Client
-
NetApp VDS Web Client
In this set of instructions, you will walk through the process of using SSPR as a simple means to enable users to reset their passwords and unlock their accounts.
NetApp VDS Windows client
-
As an end user, click the Forgot Password link to continue.
-
Select whether to receive your code via your mobile phone or via email.
-
If an end user has only provided one of those contact methods, that will be the only method displayed.
-
After this step, users will be presented with a Code field where they should enter the numeric value received either on their mobile device or in their inbox (depending which was selected). Enter that code followed by the new password and click Reset to proceed.
-
Users will see a prompt informing them that their password reset has been completed successfully – click Done to proceed to complete the logon process.
If your deployment is using Azure Active Directory Domain Services, there is a Microsoft-defined password sync period – every 20 minutes. Again, this is controlled by Microsoft and cannot be changed. With this in mind, VDS displays that the user should wait for up to 20 minutes for their new password to take effect. If your deployment is not using Azure Active Directory Domain Services, the user will be able to log in again in seconds.
HTML5 portal
-
If the user fails to enter the correct password when attempting to login through the HTML5, they will now be presented with an option to reset the password:
-
After clicking on the option to reset their password, they will be presented with their reset options:
-
The ‘Request’ button will send a generated code to the option selected (in this case the user’s email). The code is valid for 15 minutes.
-
The password has now been reset! It is important to remember that Windows Active Directory will often need a moment to propagate the change so if the new password does not work immediately, just wait a few minutes and try again. This is particularly relevant for users residing in an Azure Active Directory Domain Services deployment, where a password reset could take up to 20 minutes to propagate.
Enabling self service password reset (SSPR) for users
To use Self Service Password Reset (SSPR), administrators must first enter a mobile phone number and/or an email account for an end user There are two ways to enter a mobile number and email addresses for a virtual desktop user as detailed below.
In this set of instructions, you will walk through the process of configuring SSPR as a simple means for end users to reset their passwords.
Bulk importing users via VDS
Start by navigating to the Workspaces module, then Users & Groups and then clicking Add/Import.
You can enter these values for users when creating them one by one:
Or you can include these when bulk-importing users downloading and uploading the preconfigured Excel XLSX file in with this content filled out:
Supplying the data via the VDS API
NetApp VDS API – specifically this call https://api.cloudworkspace.com/5.4/swagger/ui/index#!/User/User_PutUser – provides the ability to update this information.
Updating existing user phone
Update the users' phone number on the User Detail Overview page in VDS.
Using other consoles
Note: you currently cannot provide a phone number for a user via the Azure Console, Partner Center or from the Office 365 Admin console.
Customize SSPR sending address
NetApp VDS can be configured to send the confirmation email from a custom address. This is a service provided to our service provider partners who wish for their end users to receive the reset password email to be sent from their own customized email domain.
This customization requires some additional steps to verify the sending address. To start this process, please open a support case with VDS support requesting a custom "Self Service Password Reset Source Address". Please define the following:
-
Your partner code (this can be found by clicking on settings under the upper-right down arrow menu. See screenshot below)
-
Desired "from" address (which must be valid)
-
To which clients the setting should apply (or all)
Opening a support case can be done by emailing: VDSsupport@netapp.com
Once received, VDS support will work to validate the address with our SMTP service and activate this setting. Ideally you’ll have the ability to update public DNS records on the source address domain to maximize email deliverability.
Password complexity
VDS can be configured to enforce password complexity. The setting for this is on the Workspace Detail Page in the Cloud Workspace Settings section.
Password complexity: Off
Policy | Guideline |
---|---|
Minimum Password Length |
8 characters |
Maximum Password Age |
110 days |
Minimum Password Age |
0 days |
Enforce Password History |
24 passwords remembered |
Password Lock |
Automatically lockout will occur after 5 incorrect entries |
Lock Duration |
30 minutes |
Password complexity: On
Policy | Guideline |
---|---|
Minimum Password Length |
8 characters |
Maximum Password Age |
110 days |
Minimum Password Age |
0 days |
Enforce Password History |
24 passwords remembered |
Password Lock |
Automatically lock will occur after 5 incorrect entries |
Lock Duration |
Remains locked until administrator unlocks |