Unable to reset password since Utah patch 8/9 with security_admin role user
01-17-2024 04:10 PM
Hi Community Gurus,
My organisation has upgraded sub-instances to Patch 9 hotfix 1 (previously Patch 7 hotfix1), but since the patch, existing users with the security_admin role can no longer go through the password reset process like forgot password, and when a new password is submitted, it raises an error in the backend.
Error: Disallowing setting of password for user with security admin. Change must be done by another security admin. The update has been cancelled.
Here is my additional exploration in our environments:
- This appears to impact users inheriting the security_admin role
- By removing the role, the reset comes through (password reset)
- By creating a blank new user with admin/security_admin role, the password reset process comes through as expected.
- So far, the impacted customers are the ServiceNow admin team who inherit the security_admin role (my team folks)
- I could not replicate in a PDI running Patch 7 hotfix1
- This does not replicate in UAT Patch 7 hotfix1 (our UAT)
- When the password reset fails, logs can be seen that ‘Disallowing setting of password for user with security admin. Change must be done by another security admin. The update has been cancelled.’
- On the surface, this does seem to relate to the patches (suspicious problem - password security flaw fix, Password Reset / PRB1675902)
- Steps to reproduce:
  - As any existing user who inherits the security_admin role
  - Go through the forgot password process on the login page
  - Complete the user identity process -> receive the email.
  - Fill in a password that meets the requirement and then submit

Error occurs as described above.
Thank you for taking your time with the issue and any advice would be appreciated.
Best wishes,
George
01-18-2024 01:48 PM
Thanks Sumanta. I've walked through potential customisation with my colleague and did not get any impression this was caused by the custom changes, but I am about to raise a HI ticket since the official release notes only provide high-level details (password security flaw fix, Password Reset / PRB1675902).
01-18-2024 02:47 AM
Hi @George Chen
Best is to log a Now Support case, as it is related to security, so don't delay.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/dratulgrover [ Connect for 1-1 Session]
01-18-2024 01:41 PM
Thanks Kilo for the suggestion. Yes, I was thinking of raising a HI ticket but just checked with the Community first. Now I am about to do so! Thanks
01-19-2024 06:05 AM
Hi @George Chen
If you get some feedback, please share it with the community.
Regards
Dr. Atul G. - Learn N Grow Together
