role resetpw

Resets the password for a specified role. The partition SO can reset the Crypto Officer password or black PED key only if HSM policy 15: "Enable SO reset of partition PIN" is enabled. By default, this policy is not enabled and changing it is destructive.

If the target role is not on the current partition, you must specify the target role's partition's slot.

NOTE   Resetting passwords for roles on partitions other than the current partition is possible only from the administrative partition.

Syntax

role resetpw -name <role> [-password <password>] [-slot <slotnumber>]

Option Shortcut Description
-name <role> -n Name of role to have password reset.
-password <password> -p Password for the specified role. Use this option for password-authenticated HSMs only. PED-authenticated HSMs will return an error.
-slot <slotnumber> -s Target slot.

Example

lunacm:> role resetpw -name co

        Please attend to the PED.

Command Result : No Error