Update GL database to allow new users to enable 2fa without requesting a password they don't have
This is an issue for implementing the solution for the problem described at eclipsefdn/helpdesk#1251 (comment 1294410)
After reviewing the database, we identified that the user.password_automatically_set column serves as the key indicator for password entry prompts.
When the user.password_automatically_set is set to "f", the UI requires the user to enter a password. If the flag is set to "t", the user is NOT required to set a password.
Requirements:
- add a condition on the update statement to only update that flag for users with a valid relationship with the identities table where the openid_connect ids from EF are stored for each user. We don't want to update that flag for users without an openid connect record.
- The sync script should have the minimal privileges necessary within the database. This includes limiting access to the machine through firewall rules (IP allowlisting) and using credentials that have no permissions other than updating the specific column we aim to modify.
//cc @mbarbero