Domain Admins and Show Password

Question asked by Todd Hayward - 7/1/2015 at 11:18 AM

Unanswered

I know this has been a request feature FOR YEARS .....

Has this been implemented in SM14 yet ?

If not, is there some add-on that will allow my domain admins to 'show passwords' for the users in their domains?

Thanks

9 Replies

Reply to Thread

Joe Burkhead Replied

7/1/2015 at 11:53 AM

See this thread: http://portal.smartertools.com/community/a2509/any-way-to-export-all-passwords-for-a-domain.aspx

Todd Hayward Replied

7/1/2015 at 12:04 PM

Thanks for this, I have read about it before.

However ... this really does not solve the problem of letting a domain admin view the passwords of their users.

As lobbied for in the past, letting the Domain Admin view the passwords is a major advantage when running SM in a multi-tenant environment.

It's staggering that the product still does not allow for it.

Bruce Barnes Replied

7/1/2015 at 1:19 PM

If the provision to allow domain admins to see passwords is enabled, then the capability must be set as elective on a domain-by-domain basis.

To make this allowed throughout SmarterMail would cause many issues with HIPAA/HITECH and Sarbanes Oxley compliance in the United States.

I would rather set a new password for someone than be able to see their present password.

Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting

Brian Ellwood Replied

7/2/2015 at 4:04 AM

It is a useful feature for many administrators assisting older, elderly customers who can't comprehend a password change let alone remember their password.

Please no dot unilaterally remove "show password" for system admins.

I suggest a web.config or xml toggle to handle whether this is available or not so its not easily re-enabled should the admin want is disabled.

Todd Hayward Replied

7/2/2015 at 5:13 PM

I would be fine with a per-domain option to set this.
What it comes down to is this: my customers are asking for this capability. If I cannot give it to them with SM, I may just move them to google or office 365 and get out of the mail hosting business all together.

Tim Walker Replied

8/14/2015 at 1:00 PM

need this feature/ability!

Bruce Barnes Replied

8/14/2015 at 1:58 PM

Again, it MUST be capable of being completely disabled by the SmarterMail server Administrator. Failure to provide the ability to lock out password viewing will remove SmarterMail from being used in healthcare.

Todd Hayward Replied

8/14/2015 at 4:18 PM

Fine, include that ability to disable system wide, if desired by the server admin. However, please give the admin the ability to discreetly enable 'show passwords' for the admin account of each domain on the server.

The intent being, that the admin for acme.com, can view passwords only for users in the acme.com domain, and no others.

I *really* want to be able to delegate this to the domain admins, but there is no facility in SM to allow for it.

Todd Hayward Replied

8/14/2015 at 4:20 PM

I think you mis-read what bruce was saying.

Back to Community Threads

Please leave this box unchecked

9 Replies

Reply to Thread

Tags

Related Knowledge Base Articles