ServiceNow Password Reset Configuration
You must complete the steps in “Configuring ServiceNow for Single Sign-on” before proceeding with the instructions in this section.
To use the password reset function, the login authentication policy must be configured to request passwords only (multi-factor authentication must not be enabled to use the password reset function). Check the authentication policy controls in the Admin Portal > Core Services > Policies > User Security Policies > Login Authentication.
There are two types of password reset processes:
- Self-service password reset for the ServiceNow app in Admin Portal: the user can go to their ServiceNow password reset URL and change their password.
- Service desk password reset for the ServiceNow app in Admin Portal: an account manager or administrator resets a user’s password from their ServiceNow admin portal.
Configure User Self-Service Password Reset
-
Install the password reset plugin.
a. In your web browser, go to your ServiceNow login URL and log in. For example, you have a login URL such as https://acme.service-now.com where acme is your company instance name.
b. Click System Definition > Plugins.
c. Search for Password Reset.
d. Click on the Password Reset plugin.
e. Click Activate.
-
Go to your ServiceNow login URL and log in to your web browser. For example, you have a login URL such as https://acme.service-now.com where acme is your company instance name.
-
Click the gear icon at the top right to open Settings.
-
Scroll down to Application and select Centrify Password Reset.
-
In the left pane, click Centrify Password Reset > Properties.
-
Enter the URL of the Centrify cloud.
-
Enter the Admin name and Admin password for the Admin Portal dministrator.
-
Click Save.
-
Go to Password Reset > Credential Stores > Centrify Cloud.
-
Click Save & Test Connection to verify whether the connection is configured correctly.
-
In the left pane, click Password Reset > Processes.
-
Click Employee Self-Service Process for Centrify.
-
Under Password Reset Details, make sure that all the following options are selected:
| Option | Set it to | What it does |
|---|---|---|
| Enable account unlock | Checked | If a user is locked in Delinea, there will be an Unlock User button provided during password reset. Clicking the Unlock User button only unlocks the user in the Delinea app. For all users, password reset automatically resets their ServiceNow account. |
| Auto-generate password | Checked | Enables automatically-generated passwords. |
| User must reset password | Checked | After the password reset, the Require password change at the next login status is checked for this user in Delinea. |
| Display password | Checked | Displays the new password on the screen. |
| Email password | Checked | Sends the password to the user’s primary email address. |
Password Reset URL
You can direct your users to your password reset URL when they need to reset their passwords. This URL is automatically generated if the Public access box is checked, and is based on the value you specify as your URL suffix.
-
Select the Public access box.
-
Specify the URL suffix for your password reset URL.
-
(Optional) To see which verification is used, scroll down to the Verifications list in the Advanced section. You can change the verifications used if desired.
-
Click Update.
-
In the left pane, click Password Reset > Processes.
-
Click Service-Desk Password Reset for Centrify.
-
Make sure that all of the following options are selected:
| Option | Set it to | What it does |
|---|---|---|
| Enable account unlock | Checked | If a user is locked in Delinea, there will be an Unlock User button provided during password reset. Clicking the Unlock User button only unlocks the user in the Delinea app. For all users, password reset automatically resets their ServiceNow account. |
| Auto-generate password | Checked | Enables automatically-generated passwords. |
| User must reset password | Checked | After the password reset, the Require password change at the next login status is checked for this user in Delinea. |
| Display password | Checked | Displays the new password on the screen. |
| Email password | Checked | Sends the password to the user’s primary email address. |
- Make sure that Public access is not selected.
- (Optional) To see which verification is used, scroll down to the Verifications list in the Advanced section. You can change the verifications used if desired.
- Click Update.
- Log out of your ServiceNow account.
