Set up Microsoft Active Directory for Password Reset

Enable connections to Active Directory (AD) by activating the Password Reset Windows App and Microsoft AD for Password Reset available in the ServiceNow Store.

Request the Password Reset Windows App plugin

Request the Password Reset Windows App (Password Reset Orchestration) (com.glideapp.password_reset_desktop) plugin that enables connections to the Active Directory (AD) credential store types. No other components are installed.

始める前に

Role required: password_reset_admin

このタスクについて

There are two ways to request a plugin:

Access the Now Support Service Catalog directly by selecting All > Service Catalog > Activate Plugin on Now Support. For more information about the list of plugins, see List of Plugins.
Access the Now Support Service Catalog through the All Applications page on your instance by following these steps.

手順

Navigate to All > System Applications > All Available Applications > All.
On the All Applications page, select Request Plugin to open the Request form on HI.
On Now Support, select the redirect link to access the Now Support Service Portal Service Catalog.
Select your instance.
Select Actions > Activate Plugin.

On the form, fill in the fields.

表 : 1. Activate Plugin request form
Field	Description
Target Instance	Instance on which to activate the plugin.
Plugin Name	Name of the plugin to activate.
Specify the date and time you would like this plugin to be enabled	The date and time must be at least two business days from the current time. 注: Plugins are activated in two batches, in the morning and in the evening, on every business day in the US Pacific time zone. If the plugin must be activated at a specific time, enter the request in the Reason/Comments field.
Reason/Comments	Information that would be helpful for the ServiceNow personnel who are activating the plugin. For example, if you need the plugin activated at a specific time instead of during one of the default activation windows, specify that in the comments.

Select Submit.

Password Reset Windows Application

The Password Reset Windows Application enables a user, who forgets the password or is locked out of a Windows computer, to reset the password directly from the Windows login screen.

How the Password Reset Windows Application works

Download the Password Windows Reset application from the ServiceNow Store and run an EXE or MSI file to install or distribute the application to user computers. The application installs a link on the Windows login screen. The user clicks the link (Forgot Password? as depicted in the examples on various Windows versions) and is then guided through the process of resetting the password.

By default, when a user requests a reset, the instance sends the user a URL with a user-specific token. After the user opens the URL, the instance prompts the user to enter and confirm the new password. The instance does not send a temporary password.

Restrictions on the Password Reset Windows Application

The Password Reset Windows Application does not support custom verifications.
The Password Reset Windows Application uses the base-system CAPTCHA service even if the Password Reset application is configured to use Google reCAPTCHA with the web interface. See the section titled "Settings on the Details tab" in Configure your Password Reset process. .
The Password strength indicator is not supported. See Configure the connection to a credential store for the Password Reset processes.
For some verification types, you can use only one verification. Custom verifications are not supported. See Password Reset verifications for details.
Custom UI macros configured on the Process > Advanced page are not supported (for example, entry, success, or failure macros). The system displays only the default success and failure messages.
The Password Reset Windows Application supports newline characters in the Password rule hint text. Other formatting is not supported (bold, underline, hyperlink, and so on). See Configure the connection to a credential store for the Password Reset processes.

Password Reset Windows Application installation requirements

Activate the Password Reset Windows App (Password Reset Orchestration) (com.glideapp.password_reset_desktop) plugin and activate the Microsoft AD for Password Reset store app to use the Password Reset Windows Application. You must activate the Password Reset Windows App to use the Password Reset Windows Application.


Requirement	Description
Required ServiceNow release	Password Reset Windows Application latest version can be downloaded from store.
Required hardware	1 GHz or faster processor 512 MB of RAM 10 MB of available hard disk space (x86) 10 MB of available hard disk space (x64)
Required software	Version of Password Reset Windows Application: 4.1 Microsoft .NET Framework: 4.7.1 and newer Microsoft Visual C++: Redistributable Visual Studio 2017
Supported operating systems	Windows 7 Windows 8.1 Windows 10 Enterprise Windows 10 Pro
Supported processor architecture	X86 X64
Supported network architecture	Password Reset Windows Application clients must have direct access to both the Internet and the ServiceNow instance where the Password Reset Windows Application is configured For Password Reset Windows Application versions that use an SHA certificate, the corporate network must not block the SHA certificate. To reset an AD password, the client must be on the corporate network.