So we use CyberArk for managing user accounts with Admin access to applications.  As far as I can find there is no plugin for CyberArk to ServiceNow for Local User account password management.  If there is it would be great if someone posted it here.  But here is my issue.

We setup a custom scripted REST web service that check some security and looks for things and if it all passes we set the password for the user that as supplied.  So if we have local account Admin1 and Integration1.  Both have the admin role in ServiceNow.  If I call the service with Integration1 account requesting the Admin1 accounts password to be set the system tells me it did it but does not actually change the password.  If I use Admin1 account to request the password to be set for the Admin1 account the system does it.

So for some reason if a user with the admin role calls the service to set the PW for a different user that has the admin role it does not work.  It feels like this is in some fashion a security issue but both users are admins so I cannot help but think its something coded into the system someplace specifically for the admin role.

Has anyone managed to do this kind of thing?

Code I have tried

//I like this one because it checks PW policy
var result = SNC.PasswordPolicyEvaluator.setUserPassword(userID, pw);

//Other code I tried when the above did not work when Admin1 makes call to update Admin2's PW.
cred.user_password.setDisplayValue(pw);
cred.setValue("password_needs_reset", false);
var updateResult = cred.update();