With Tessitura V15 we have run into problems where "captive" system accounts stop working because their password needs to be reset. This behavior is new to us in Tessitura V15.
As we understand it with Tessitura Version 15 there are now stronger password restrictions. An account can't be used at all until the password is re-set. In the past these accounts would continue to perform their report and other function. You just could not log-in to the client with these accounts until the password was reset.
So, we are using a "captive account" for processes like:
When these passwords expire the services above just stop working.
Have other folks run into this situation?
What are folks doing to manage this so that services continue to operate 7x24x365 as expected, and you don't personally have to go in and make changes each time the expiration is about to occur?
--Tom
I've opened a Task Ticket on this. Have others?
I've also tried the following. Suggested by the iWave team.
UPDATE T_METUSERSET pw_expr_dt = '2099-12-31'WHERE userid = ‘XXXXXX'Where XXXXX is the iWave account.
This seems to work. However, I don't know how fragile this is. If someone goes into the security module for some reason and make a change to the rights of one of these accounts. Does the pw_expr_dt get reset to 3 months in the future again?
Hey, Tom.
We've had to do exactly that with our restweb user (we're on TNEW). I have calendar reminders set up letting me know when the password is about to expire and have to update it with the network. Strangely enough, an expired password hasn't been an issue with our Wordfly or TPS Services - don't know why, but they're running just fine at the moment.
I've sent many-a-TASK-tickets and their response has been setting calendar reminders until upgrading to v15.1. Apparently there will be an additional "location" or type of user available whose password never expires. We're upgrading Test next week, so I'll let you know how that goes... :)
Hi Tom -
As Emily mentioned above, there is a new user type of "API" in v15.1, which is available for user accounts created for interactions with the API. Passwords for users of this type do not expire, and users of this type cannot be used to access any of the Tessitura applications.
Thanks,
Patrick
In my recent TASK ticket. I was told there would not be a fix for this in 15.1. Apparently, the accounts set up by TIM may have some exemption. I'm not clear on this point. Anyone else know what's up?
Patrick Schley (Past Staff Member)
Is there a way to get accounts like iWave included on this list?
Is there a way for Licensees to set up similar accounts for our web site for example?
Hey Patrick,
Does this affect how TNEW V7 will bring system tables into the web editor?
Unknown said:Have other folks run into this situation?
Yes, recently one of our non-interactive, system logins, I think it may have been "nscanapi", expired. Some sort of scheduled reminder would be fine, but passwords on accounts like these should never just expire, imho.
I've added code to update T_METUSER, for selected accounts, that runs nightly and sets the expire dt far into the future, if it isn't.
Apologies for the confusion. This is a relatively new feature so it could be easy to overlook. It is in the "What's New in Version 15.1" section of the Help System under Miscellaneous v15.1 Changes. You can change the User Type to API in Tessitura Security.
No, this does not affect that functionality.
I had to do the same as we have users that only access TRBO, Tessitura On-the-Go, and/or TNEW Admin. I too have calendar reminders set to remind me to update the password expiration date. I submitted a TASK ticket and their response is that this is expected behavior so I have submitted an enhancement request because users who only have access to the above cannot change their password. I did not think to look at the iWave account so thanks for mentioning it!
Chris Jensen
How is that chunk of code working out for you? I was considering making this into a job as well.
Unknown said:How is that chunk of code working out for you?
Just fine. I added it to a daily scheduled job that does mostly data hygiene updates, but now also runs:
-- I never want a Tess non-login system account password to "expire" again. we'll reset them on our schedule...update T_METUSER set pw_expr_dt = '12/31/2099'where location in ('ITS','System Resource') and inactive = 'N'and userid in ([various system logins here])and pw_expr_dt < '12/31/2099'