Reset an AD User and securely share their password

A common task in which many IT administrators have to go through, is reseting a user's Active directory password and then sharing the newly created password with the subjected user in a secure way.

In this guide we will create a trigger that would launch the flow, then create a randomly generated password followed by the password reset of an active directory user as well as ensuring that the user account is enabled. Once the account has been reset, a viewOnce link is generated and sent via email to the user.

Download template

Requirements

  • Active Directory integration
  • ViewOnce integration
  • Email integration

Steps

  1. Add Trigger object to the flow and edit the name
  2. Add a Generate Password action, set the length and password complexity requirements. Additionally, a variable is set so the newly generated is stored and used later within the flow. Key: password, Value: %%action[password]%%
  3. Add an AD Reset User Password action, edit the name, configure the connection details tab with the necessary information (username, password, domain name, and server IP address) for the object to be able to authenticate to AD.
  4. On the main tab of the same action, edit the Target User and set the New Password field to %%[var][local][password]%%
  5. Add an AD Enable User action configuring the connection details similar to point 3. Then on the Main tab, add the Target User.
  6. Add a ViewOnce Set, while editting, add the Name, Message %%var[local][password] (generated as part of step 2.), Expiry (duration in seconds) as well as how many times the link can be clicked. Enable the Public Access togle while providing the public access token of the view once user that should be configured on the application. Lastly, create a new variable with Key: url and Value: %%action[url]%% which will be used on the next action (email).
  7. Add an Email action configuring the SMTP Host and Port as well as the Username and Password of the user that is used to send the emails through the SMTP server.
  8. Finally, on the Main tab of the Email action, configure the sender, recepient, subject and body of the email.

All above steps can be viewed below.

Preview