Plesk Mass Password Reset Script

Release Notes

The Mass Password Reset Script was designed to allow Parallels Plesk Panel (PP) owners to reset the passwords of all PP accounts in an automated way.
Please feel free to provide your feedback about the script on the Plesk Forum.
Note: Users that have PP nodes registered in PBA-S must perform the actions described in "PBA-S Specific."
Usage:
1. Download the script to your PP server.
2. Unzip it.
3. Run it as described below.
Linux:

# php -d safe_mode=0 plesk_password_changer.php `cat /etc/psa/.psa.shadow` ['new admin password'] [options]

Windows:

"%plesk_dir%\additional\PleskPHP5\php.exe" -d safe_mode=0 plesk_password_changer.php <old admin password> [new admin password] [options]

Where [options] can be:
         –all – [default] reset passwords for all supported entities
         –admin – reset password for admin
         –resellers – reset passwords for resellers
         –clients – reset passwords for clients
         –domains – reset passwords for main FTP account of domains
         –domainadmins – reset passwords for Domain Administrators
         –users – change passwords for hosting panel users
         –additionalftpaccounts – reset passwords for additional FTP accounts for domains
         –subdomains – reset passwords for subdomains. NOTE: For Plesk 10.x subdomains treated as domains.
         –webusers – reset passwords for Web Users
         –mailaccounts – reset passwords for mail accounts
Examples:

php -d safe_mode=0 plesk_password_changer.php `cat /etc/psa/.psa.shadow`
# means that passwords for all PP entities will be reset, password for admin will be generated automatically

php -d safe_mode=0 plesk_password_changer.php `cat /etc/psa/.psa.shadow` –domains
# means that passwords for main FTP account of domains only

php -d safe_mode=0 plesk_password_changer.php `cat /etc/psa/.psa.shadow` ‘s3$ret!’ –admin –clients
# means that passwords for admin and clients will be reset, password for admin will be "s3$ret!" (without quotes)

php -d safe_mode=0 plesk_password_changer.php `cat /etc/psa/.psa.shadow` ‘s3$ret!’
# means that passwords for all PP entities will be reset, password for admin will be "s3$ret!" (without quotes)

Important information:
PP "admin" password will be generated if <new admin password> is not specified.
The script writes new passwords and information about updated accounts into the new_plesk_passwords.csv file.
Output example:

[2011-10-11 11:30:55][INFO] ==> Installed Plesk version/build: 10.4.4 Debian 5.0 1013111102.18

[2011-10-11 11:30:55][INFO] ==> Detect system configuration [2011-10-11 11:30:55][INFO] OS: Debian GNU/Linux 5.0 \n \l [2011-10-11 11:30:55][INFO] Arch: i386 [2011-10-11 11:30:55][INFO] ==> Validate given db password [2011-10-11 11:30:55][INFO] Result: OK [2011-10-11 11:30:55][INFO] ==> Plesk Password Changer version: 10.4.0.23 [2011-10-11 11:30:55][INFO] ==> STEP 1: Change password for resellers... [2011-10-11 11:30:56][INFO] Reseller login: res1 Email: reseller1@mail.com New password: Ajx3J4cHDjaG [2011-10-11 11:30:57][INFO] Reseller login: res2 Email:reseller2@mail.comNew password: Ua7TPxc6lsk9 [2011-10-11 11:30:57][INFO] ==> STEP 2: Change password for clients... [2011-10-11 11:30:58][INFO] Client login: cl1 Email: client1@mail.com New password: qiCJJd1525Im [2011-10-11 11:30:59][INFO] Client login: cl2 Email:client2@mail.comNew password: LwrWpt4ybPxb [2011-10-11 11:30:59][INFO] ==> STEP 3: Change password for users... [2011-10-11 11:31:09][INFO] Hosting Panel User: mail1@domain.com New password: xtV2hsPy1Drj [2011-10-11 11:31:15][INFO] Hosting Panel User: user1@domain2.comNew password: NZGheFAsHTFn [2011-10-11 11:31:17][INFO] Hosting Panel User: user1@domain3.tld New password: Pg7bgQ3hTrCx [2011-10-11 11:31:18][INFO] Hosting Panel User: admin@gmail.com New password: nCkE17PhvG8h [2011-10-11 11:31:18][INFO] ==> STEP 4: Change password for FTP users of domains... [2011-10-11 11:31:20][INFO] FTP user ftp1 for domaindomain.comNew password: 9cmlKwXKjfv7 [2011-10-11 11:31:22][INFO] FTP user ftp2 for domaindomain2.comNew password: RZG9G7ZxbOVS [2011-10-11 11:31:24][INFO] FTP user ftp3 for domaindomain3.comNew password: 5VKX83JwAb47 [2011-10-11 11:31:26][INFO] FTP user ftp4 for domaindomain4.comNew password: md3XuAfxgLAa [2011-10-11 11:31:26][INFO] ==> STEP 5: Change password for additional FTP accounts... [2011-10-11 11:31:28][INFO] Domain:domain4.comAdditional FTP account: addftp1 New password: 5gsVrBlW8jjs [2011-10-11 11:31:28][INFO] ==> STEP 6: Change password for mail accounts... [2011-10-11 11:31:29][INFO] Mail account: justemail@domain.comNew password: Rgfi3SJTTkps [2011-10-11 11:31:30][INFO] Mail account: justEmail@domain2.comNew password: OQcr9VtxOyGc [2011-10-11 11:31:30][INFO] ==> STEP 7: Change password for web users of domains... [2011-10-11 11:31:31][INFO] Web user wu1 for domaindomain2.comNew password: wrBX6dChkUXG [2011-10-11 11:31:33][INFO] Web user wu2 for domaindomain2.com New password: 870jUPoN06qc [2011-10-11 11:31:33][INFO] ==> STEP 8: Change password for admin... nohup: redirecting stderr to stdout mysqld_safe[4677]: started mysqld_safe[4696]: ended [2011-10-11 11:31:55][INFO] Admin new password: ngtt5PmQfcgW Found errors: 0; Found Warnings: 0

PBA-S Specific

If Plesk Panel is registered as a Plesk node in Parallels Business Automation – Standard, after resetting passwords with theplesk_password_changer script (see above), integration between Plesk and PBA-S will be affected.

In order to recover integration with Plesk, you need to run the reset_plesk_passwords.pl script on the PBA-S management node. This script will change passwords for Plesk instances that are stored in the PBA-S database, as well as the admin password that is used to connect to the Plesk node.

Reset_plesk_passwords has two execution modes:
– without –process parameter script will check the data consistency inside the CSV file and show the queries that will be executed in the aspc database (without actual execution).
– with –process parameter script will execute the necessary queries for password changes for Plesk instances.
Usage:

# perl reset_plesk_passwords.pl --hw_ip=<plesk node IP address> --file=<output CSV file generated by plesk_password_changer.php>

The output of this script will be as follows:

Input parameters: hw_ip=>10.52.53.101, hw_id=>, file=>new.csv, process=> Running in debug mode, use --process parameter to alter DB Processing client(s)... No entities of type client found in CSV file! Processing customer(s)... No entities of type customer found in CSV file! Processing reseller(s)... Following statements will be executed: UPDATE `plesk_client_cache` SET `plesk_password` = 'sHMHLrDJA9KlQWE' WHERE `hw_id` = '10' AND `plesk_login` = 'pbas_client1' AND `type` = '1'; UPDATE `plesk_client_cache` SET `plesk_password` = 'aHkgsUyETsDKQWE' WHERE `hw_id` = '10' AND `plesk_login` = 'pbasclien2_gma_5com_1034' AND `type` = '1'; Processing domain(s)... Following statements will be executed: UPDATE `plesk_domain_cache` SET `plesk_password` = 'OMu8tNVUcSOF' WHERE `hw_id` = '10' AND `plesk_name` = 'pbasSub1.a10-52-53-101.qa.plesk.ru'; Processing admin... Following statements will be executed: UPDATE `hw` SET `root_password` = 'something' WHERE `hw_id` = '10'; Finished successfully

# perl reset_plesk_passwords.pl --hw_ip=<plesk node IP address> --file=<output CSV file generated by plesk_password_changer.php> --process

The output of this script will be as follows:

Input parameters: hw_ip=>10.52.53.101, hw_id=>, file=>new.csv, process=>1 Processing client(s)... No entities of type client found in CSV file! Processing customer(s)... No entities of type customer found in CSV file! Processing reseller(s)... Processing domain(s)... Processing admin... Finished successfully [root@a10-52-49-208 ~]#

Also, instead of the IP address of a Plesk node, you can supply the script with the ID of this Plesk node from the PBA-S database.

# perl reset_plesk_passwords.pl --hw_id=<id> --file=<output CSV file generated by plesk_password_changer.php> --process

Plesk Mass Password Reset Script

PBA-S Specific

Leave a comment

Cancel reply