Password Reset integration for Microsoft Active Directory - Blog
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2025 12:40 AM
Hi fellow developers
(This is not a question 🙂 )
Writing this short piece of how to use the "Password Reset integration for Microsoft Active Directory spoke".
When at first I received the requirement of building something which can help reset password of user in the AD environment, I was planning on normal integration steps API, REST, SOAP blah blah..
Later, when I was investigating on ways this fresh looking spoke was calling me in the ServiceNow documents. When I checked and learnt about it, was the moment I realised ServiceNow and it's power.
What I imagined and what the platform gave was immensely amazing. I quickly started working with the client to get the plugin installed and started my work.
Once the plugin is been installed, we will have a whole set of 'Actions' added to the WorkFlow Studio under the Application 'Microsoft Active Directory v2 Spoke'.
Now in my scenario, we need to 'Reset User Password' & 'Generate Random Password' actions.
Note: All actions are read-only so cannot make changes to them.
Only the 'Connections' under 'Connection & Credential' of the actions can be changed.
- The 'Generate Random Password' action uses Powershell, script steps. It gives random password and the output is stored in a variable of type 'Password(2 Way Encrypted)'.
- But in case of 'Reset User Password' action, it has UserName, New Password as inputs.
How I used these:
- In the flow designer, my trigger was Service Catalog.
- Used the 'Get Catalog Variable' step to call my catalog. A field for UserName is present in the catalog, which will be used.
- Following this I have the 'Generate Random Password' action, which will generate a password of length 12+.
- Then comes 'Reset User Password' action where the
- UserName -> UserName from catalog
- Password -> Password generated from previous step
So, even if there is a scenario where password has a particular sequence, but needs to be reflected in the MS AD, you can create your own 'Script Action' but store the output password in a output variable of 'Password(2 Way Encrypted)' type.
Then call it to the 'Reset User Password' Action.
Hope this helps!!
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday - last edited yesterday
Hi @harshi_ramesh , how do users read the password? as it is encrypted - how do they know to reset using this updated password using force login