Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Password Reset With Active Directory

Go to solution
Brian Lancaster
Kilo Patron

‎02-27-2015 06:10 AM

Has anybody gotten password reset to work with Active Directory?   I can not find any information on the Wiki on setting it up with active directory.   Do I need to modify the workflow that comes with the plugin?   I have a MID servers setup and connected.

Labels:
0 Helpfuls
  • 11,568 Views
1 ACCEPTED SOLUTION

Go to solution
Brian Lancaster
Kilo Patron
In response to Brian Lancaster

‎03-15-2015 12:27 PM

Found the issue. If anybody needs to do multiple domains this is what you will need to add to the Pwd Reset - AD in the Run Script at the beginning of the workflow.   You will need to also add this code to the Pwd Unlock Account - AD workflow.   Also for your credential store you will put for the host name [your domain controller]:3268.   This will make sure you use the global catalog service.   This should be your root domain controller.


In the below script replace the ? what shows on the source for the user in each domain.



var user = new GlideRecord('sys_user');


  user.addQuery ('user_name', workflow.inputs.u_user_name);


  user.query();


  if (user.next()){


  if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


View solution in original post

37 REPLIES 37

Go to solution
kamlesh kjmar
Mega Sage
In response to Brian Lancaster

‎07-01-2017 10:21 PM

Thanks Brian , this information helped.


0 Helpfuls

Go to solution
luke11
Kilo Explorer
In response to kamlesh kjmar

‎12-21-2017 07:23 PM

did you solve it? i have exactly the same issue and cant find that anyone solved it. I have every plugin turned on. it just gives me the lock state error.


0 Helpfuls

Go to solution
Rohith Sabbinen
Mega Expert
In response to Brian Lancaster

‎12-04-2017 12:56 PM

We are testing our password reset, We have 2 separate LDAP's that need to manage with 2 different credential store's. We hit a snag yesterday because the reset keeps bouncing against the default mid-server. Is there any way to make password reset hit the appropriate mid-server that uses the appropriate credential store. Kindly suggest,




Rohith Sabbineni.




0 Helpfuls

Go to solution
Frankie Bravo
Kilo Contributor
In response to Rohith Sabbinen

‎07-02-2020 09:14 AM

I assume you have two AD forests. Were you able to solve the issue? if so, what was the fix? 

0 Helpfuls

Go to solution
Brian Lancaster
Kilo Patron
In response to Frankie Bravo

‎07-02-2020 10:41 AM

Question: Are these 2 separate domains or are they in a domain forest (Root domain and child domains)?

0 Helpfuls