Hi, just wondering if anyone knows how to change the content of the email text that is sent for a password reset. We have a dev/test/training environments and 3 different databases so it would be nice to have a custom email to not which database/environment the password reset came from.
I like that but we are sending a password in e-mail, which is inherently insecure. You don’t want to give out too much information to help attackers. I’d like to be able to change but put some piece of information that would indicate the environment but not make it obvious to non-employees. Maybe a single digit where 5 = Live, 3 = Pilot, 1 = Education, etc.
Sorry Dave. I am not aware of a way to change that email text. I’m a cloud user so I don’t have access to any server code. One might be able to put a trace on the reset, see what object is getting called and do some disassembly. @Chris_Conn (cough, cough)
If i had to guess…which i do often, I venture to say that code to create that email is tied up in a BO/DLL somewhere. I’ve been threatened with my life on even mentioning its possible to modify server code I will have a peek though when i get a chance.
Thanks, I am not into changing code. I have located the text in ice.services.bo.userfile.xml but modifying the text in the xml file does not change the message in the email.
<member name="M:Ice.BO.UserFile.Resources.Strings.ResetPWBody(System.Object)">
<summary>
String: 'String: 'Epicor UFP Production Temporary password has been set for you, please use to login to Epicor UFP Production.
{0}
If you are still experiencing problems logging into the Epicor application, please contact your System Administrator.'.
</summary>
</member>
If you mean the text “The temporary password below can be used to login to Epicor.”, that is defined in a string resource file, which is baked into the Erp.BO.UserFile DLL. I’m wondering if there’s some clever way to make a localization or something that would let you modify it. But I suspect it would require creating a satellite assembly which would have to be signed. I’m asking around.
FWIW, we are building a new identity management system for ERP that lets you define much richer templates for sending users password management emails. But I know that’s not helpful today.
Ok, we are testing this password reset process (10.2.300.11). And it is anoying to see this automated text (format, font etc… ) . And worst of all, it is only in english. We are using Epicor in french language. And even if we are in french it sends the email in english.
I wonder if doing a BPM to be activated via the change in the password (sorry did not look yet just thinking about it as I write this… ) and so we can launch the email the way we want via an email widget using HTML… ?
But it would be much appreciated, moreover expected, if Epicor correct this in a future release…or a fix…
Tried that, change the 218336 text that corresponded to the email message, but it did not change in the email. as it looks like it is hard coded into the DLL…
I also tried to detect in the UserFile a change in a field indicating a password reset bit… but no success there…(using Method directive Update, ttUserFile.ClearPassword changed from anything to TRUE)
Added two messages on both sides and none were fired during password reset.
I am trying to offer an alternative here…as we intend to go live at the end of March…
Anyone would know how to detect a password reset demand?