Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Credential reset allows the use of weak passwords for Service Principals #20675

Closed
mattsmall1972 opened this issue Dec 9, 2021 · 2 comments
Closed

Credential reset allows the use of weak passwords for Service Principals #20675

mattsmall1972 opened this issue Dec 9, 2021 · 2 comments
Assignees
@jiasli
Labels
Breaking Change feature-request Microsoft Graph question The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Milestone
Backlog

Comments

@mattsmall1972
Copy link

az feedback auto-generates most of the information requested below, as of CLI version 2.0.62

Describe the bug
When creating a service principal, the password by default is not allowed to be set by the end user in order to prevent weak passwords. However, this feature was not ported into the credential reset command and therefore weak passwords are still possible.

Documentation: https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli
image

To Reproduce
az ad sp credential reset --name "ResetClientSecret" --credential-description CliSecViaCLI --password ABC123
image

Expected behavior
Client Secret is not directly settable via CLI

Environment summary
image
@ghost ghost added needs-triage This is a new issue that needs to be triaged to the appropriate team. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that customer-reported Issues that are reported by GitHub users external to the Azure organization. labels Dec 9, 2021
@jiasli
Copy link
Member

jiasli commented Dec 10, 2021

Allowing user to specify a password will be dropped in Microsoft Graph migration (#12946).

@jiasli jiasli self-assigned this Dec 10, 2021
@jiasli jiasli added the Graph az ad label Dec 10, 2021
@ghost ghost removed the needs-triage This is a new issue that needs to be triaged to the appropriate team. label Dec 10, 2021
@jiasli jiasli added this to the Backlog milestone Dec 10, 2021
@jiasli jiasli added Breaking Change Microsoft Graph and removed customer-reported Issues that are reported by GitHub users external to the Azure organization. Graph az ad labels Dec 22, 2021
@jiasli
Copy link
Member

jiasli commented May 16, 2022

This issue has been resolved by #22432.

Documentation is updated accordingly: https://docs.microsoft.com/en-us/cli/azure/microsoft-graph-migration

@jiasli jiasli closed this as completed May 16, 2022
@Drallas Drallas mentioned this issue Jun 24, 2022
Open
@jiasli jiasli mentioned this issue Sep 22, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jiasli jiasli

Labels
Breaking Change feature-request Microsoft Graph question The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
2 participants
@jiasli @mattsmall1972