E10 passwords after e10 db conversion

Hi All,

After a db conversion from E9 to E10 I understand users passwords need to be reset before they can login to E10. I understand for the first user this needs to be done via a direct write to the SQL database. This results in a blank password which allows the person to login, and if they are a security manager they can then use the User Maintenance screen to reset other users passwords so they can get in.

Is our understanding correct? I ask as we just did our first DB conversion and want to make sure we have a good process in place for 2nd and 3rd db conversions so ideally everything go smoothly.

This aspect is incorrect, at least in regards to our intent. The first user that connects from the EAC (which needs to be a security manager) will be/should be prompted to reset their password within the EAC. That user can then log in and reset other user accounts, as needed.

1 Like

Thanks @aidacra. In ECA I see I can right click a user and select reset password. When I attempt to do this for a security manager to test this out I get an error: Send E-Mail is empty(gory details at the end). My first thought was I need to configure an SMTP server, so set one up but the error persists(localhost:25 is verified to be listening and relaying messages to our mail server).

Is the reset password functionality(sending the email) dependant upon some configuration with in Epicor(e.g. is there a config file where I can setup SMTP information or something else) or is there a standard configuration we need to setup(e.g. it expects the mail server to be running on 127.0.0.1 on port 25)?

Gory details of error:

System.Exception: Send E-Mail is empty.

at Ice.Services.BO.UserFileSvc.sendTempPasswordEmail(String tempPassword, String email) in C:_Releases\ICE\ICE3.2.200.15\Source\Server\Services\BO\UserFile\UserFile.cs:line 676
at Ice.Services.BO.UserFileSvc.setTempPassword(String userID) in C:_Releases\ICE\ICE3.2.200.15\Source\Server\Services\BO\UserFile\UserFile.cs:line 1084
at Ice.Services.BO.UserFileSvc.UserFileBeforeUpdate() in C:_Releases\ICE\ICE3.2.200.15\Source\Server\Services\BO\UserFile\UserFile.cs:line 1024
at Ice.Services.Trace.TablesetProfilingCollector.DoRowEventTrace(String tableName, String methodName, Int32 rowCount, Action action) in C:_Releases\ICE\RL3.2.200.0\Source\Framework\Epicor.Ice\Services\TablesetProfilingCollector.cs:line 146
at Ice.TablesetBound3.UpdateRow(IceDataContext dataContext, Int32 tableNum, IIceTable table, IceRow updatedRow, IceRow originalRow, TablesetProfilingCollector parentTraceCollector) in C:\_Releases\ICE\RL3.2.200.0\Source\Framework\Epicor.Ice\Services\TablesetBound.cs:line 1289 at Ice.TablesetBound3.WriteTable(IceDataContext dataContext, Int32 tableIndex, IIceTable table, TablesetProfilingCollector parentTraceCollector) in C:_Releases\ICE\RL3.2.200.0\Source\Framework\Epicor.Ice\Services\TablesetBound.cs:line 997
at Ice.TablesetBound3.InnerUpdate[TUpdater](IceDataContext dataContext, TFullTableset tableset) in C:\_Releases\ICE\RL3.2.200.0\Source\Framework\Epicor.Ice\Services\TablesetBound.cs:line 892 at Ice.Services.BO.UserFileSvc.Update(UserFileTableset& ds) in C:\_Releases\ICE\ICE3.2.200.15\Source\Server\Services\BO\UserFile\UserFile.Designer.cs:line 962 at Ice.Services.BO.UserFileSvcFacade.Update(UserFileTableset& ds) in C:\_Releases\ICE\ICE3.2.200.15\Source\Server\Services\BO\UserFile\UserFileSvcFacade.cs:line 1090 at SyncInvokeUpdate(Object , Object[] , Object[] ) at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) at Epicor.Hosting.OperationBoundInvoker.InnerInvoke(Object instance, Func2 func) in C:_Releases\ICE\ICE3.2.200.15\Source\Framework\Epicor.System\Hosting\OperationBoundInvoker.cs:line 59
at Epicor.Hosting.OperationBoundInvoker.Invoke(Object instance, Func`2 func) in C:_Releases\ICE\ICE3.2.200.15\Source\Framework\Epicor.System\Hosting\OperationBoundInvoker.cs:line 47
at Epicor.Hosting.Wcf.EpiOperationInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) in C:_Releases\ICE\ICE3.2.200.15\Source\Framework\Epicor.System\Hosting\Wcf\EpiOperationInvoker.cs:line 23
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)

at Epicor.ServiceModel.Channels.ImplBase1.ShouldRethrowNonRetryableException(Exception ex, DataSet[] dataSets) at Ice.Proxy.BO.UserFileImpl.Update(UserFileDataSet ds) at Epicor.Mfg.Administration.ServerManagement.ApplicationServerManager.Actions.UserActions.ResetUserPassword(UserResultNode resultNode, AsyncStatus asyncStatus) at Epicor.Mfg.Administration.ServerManagement.ApplicationServerManager.Actions.UserActions.ExecuteAction(Object item, Action action, AsyncStatus asyncStatus) at Epicor.Mfg.Administration.ServerManagement.Common.Views.ListView1.OnSelectionAction(Action action, AsyncStatus status)

In company setup, you have to enter a “From” address if it’s the error I’m thinking of.

Mark W.

Really? Is there another piece to this that I am missing. We are in the middle of testing E9 to E10 and I am not aware of my users saying they need to rest passwords.

1 Like

Thanks so much Kimberley. We just ran our 1st DB conversion and although we got users into the system there was a lot of stumbling to get the first user in. We’d like our 2nd and 3rd conversion to go more smoothly…

Anyway, I just tried to login as two users where we haven’t done anything to modify the password and we could login!

Thanks that is a big help :slight_smile:

FYI - In 10.x we ‘copy and pasted’ the legacy E9 algorithms so that on first access, the users passwords would be upgraded to the E10 algorithms. The process SHOULD be, first time login, user password fails against e10 algorithm, we recalculate against the E9 algorithm and if success, take the successful password and save the password in E10 format.

The E9 approach was reasonable for the late 90s and early 2000s but in the modern days of cloud we had to bump up the password protection to modern approaches.

2 Likes

I can login fine after migrating, without changing a single password. E9.702A to E10.1.400/500/E10.2.300.

You can read a little bit more on Epicor Passwords if youd like =) at [ Technical ] Epicor Password Hash - SHA256 - Experts' Corner - Epicor User Help Forum

I also did the conversion process about 120 times, if I can be of assistance ask it on the forum and tag me.