role resetpw
Resets the password for a specified role. The partition SO can reset the Crypto Officer password or black PED key only if HSM policy 15: "Enable SO reset of partition PIN" is enabled. By default, this policy is not enabled and changing it is destructive.
If the target role is not on the current partition, you must specify the target role's partition's slot.
NOTE Resetting passwords for roles on partitions other than the current partition is possible only from the administrative partition.
Syntax
role resetpw -name <role> [-password <password>] [-slot <slotnumber>]
Option | Shortcut | Description |
---|---|---|
-name <role> | -n | Name of role to have password reset. |
-password <password> | -p | Password for the specified role. Use this option for password-authenticated HSMs only. PED-authenticated HSMs will return an error. |
-slot <slotnumber> | -s | Target slot. |
Example
lunacm:> role resetpw -name co Please attend to the PED. Command Result : No Error