Bulk Password Set/Reset in Access Governance Suite

  • 7011029
  • 27-Jan-2012
  • 19-Oct-2012


To set (or reset) a large number of Access Governance Suite passwords, create a rule that will iterate through each Identity in the system and set the password for each user. Run rule from the console. An example of such a rule appears below. This example iterates through every user, filtering for correlated IDs that are Managers, and sets each Identity's password through the API.

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE sailpoint PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name='Bulk Set Identity Password' language='beanshell'

        Iterates through every identity in the system and sets a password for
        the Identity in Access Governance Suite.  

  <Signature returnType='Identity'>
      <Argument name='context'>
          A sailpoint.api.NetIQContext object that can be used to
          access the database.

import java.util.Iterator;
import sailpoint.object.Filter;
import sailpoint.object.QueryOptions;
import sailpoint.object.Identity;

QueryOptions opts = new QueryOptions();

Filter filterCorrelated = Filter.eq("correlated", true);

Filter filterManager    = Filter.eq("managerStatus", true);

Iterator iterator = context.search(Identity.class, opts);

while (iterator.hasNext()) {
     Identity thisId = (Identity) iterator.next();
     String idName  = thisId.getName();
     String idFirst = thisId.getFirstname();
     String idLast  = thisId.getLastname();
     String newPassword = "xyzzy";
     System.out.println("Setting password for: [" + idFirst + " " + idLast + "]");

System.out.println("Done processing Identity objects.");


When this rule is run from the Access Governance Suite console, the output will look something like this:

> rule "Bulk"
Setting password for: [Alex Anderson]
Setting password for: [Debra Downing]
Setting password for: [John Smith]
Done processing Identity objects.