Password Reset With Active Directory

Go to solution
Brian Lancaster
Tera Sage

‎02-27-2015 06:10 AM

Has anybody gotten password reset to work with Active Directory?   I can not find any information on the Wiki on setting it up with active directory.   Do I need to modify the workflow that comes with the plugin?   I have a MID servers setup and connected.

Labels:
0 Helpfuls
  • 10,711 Views
1 ACCEPTED SOLUTION

Go to solution
Brian Lancaster
Tera Sage
In response to Brian Lancaster

‎03-15-2015 12:27 PM

Found the issue. If anybody needs to do multiple domains this is what you will need to add to the Pwd Reset - AD in the Run Script at the beginning of the workflow.   You will need to also add this code to the Pwd Unlock Account - AD workflow.   Also for your credential store you will put for the host name [your domain controller]:3268.   This will make sure you use the global catalog service.   This should be your root domain controller.


In the below script replace the ? what shows on the source for the user in each domain.



var user = new GlideRecord('sys_user');


  user.addQuery ('user_name', workflow.inputs.u_user_name);


  user.query();


  if (user.next()){


  if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


  else if (user.source.toLowerCase().indexOf('dc=?,dc=?') > -1){


  workflow.scratchpad.domain = '[your domain controller]';


  }


View solution in original post

37 REPLIES 37

Go to solution
Frankie Bravo
Kilo Contributor
In response to Brian Lancaster

‎07-02-2020 05:59 PM

Two separate domains in two separate forests. 

0 Helpfuls

Go to solution
Brian Lancaster
Tera Sage
In response to Frankie Bravo

‎07-02-2020 06:22 PM

I think you would have to make 2 separate AD password reset processes.  One for each domain.  I don't know that there is a way to search users in two separate domains.  This post and its answer were searching the AD in a forest so I could search the root domains global catalog to initially find the correct user then use the source field to set the correct domain controller for the domain the user was in. 

0 Helpfuls

Go to solution
thomasm1
Mega Contributor

‎08-06-2018 04:28 AM

Can someone, that got this thing working, pls post their script? I can't get it to work! 😞

 

Regards Thomas

0 Helpfuls