Update the Admin guide with this information (https://bugzilla.redhat.com/show_bug.cgi?id=1452668): Previously, administrators had to enter an unencrypted password when invoking 'ovirt-aaa-jdbc-tool user password-reset'. The password was then encrypted inside ovirt-aaa-jdbc-tool and stored in the database. This update enables administrators to use the new --encrypted option to enter an already encrypted password when invoking 'ovirt-aaa-jdbc-tool user password-reset'. However there are some caveats when providing encrypted passwords: 1. Entering an encrypted password means that password validity tests cannot be performed, so they are skipped and the password is accepted even if it does not comply with the password validation policy. 2. A password has to be encrypted using the same configured algorithm. To encrypt passwords, administrators can use the '/usr/share/ovirt-engine/bin/ovirt-engine-crypto-tool.sh' tool, which provides the 'pbe-encode' command to encrypt passwords using the default PBKDF2WithHmacSHA1 algorithm.
Verified and merged.
Updated document: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.1/html-single/administration_guide/#Pre-encrypting_a_User_Password
*** Bug 1503872 has been marked as a duplicate of this bug. ***