none
Password Reset for Helpdesk (codeless, using Password Reset Action Workflow ?) RRS feed

  • Question

  • Hello,

    At the organisation I work for, we are looking at FIM 2010 R2 SP1.

    Initially, we would like to use Self Service Password Reset (among other functionality).

    We would also like to provide helpdesk / support colleagues the ability to reset user's passwords.

    There is a discussion, including outlines of solutions, about this at...

    https://social.technet.microsoft.com/Forums/en-US/8eba8d98-376f-4f7a-9628-91bb986e4e34/creating-password-reset-for-helpdesk-in-fim-2010-r2?forum=ilm2

    ...but it is relatively complex, requiring code, PowerShell MAs, etc.

    I know now that FIM 2010 R2 SP1 gets very complex, very quickly.  Acknowledging that, one of the reasons for using FIM 2010 R2 SP1 is it is a relatively off-the-shelf technology, as opposed to internally-developed code that is harder to maintain (again, relative to off-the-shelf technology).

    FIM 2010 R2 SP1 already has a workflow called

    Password Reset Action Workflow

    The workflow takes no configuration.

    Is it possible to create a [relatively] codeless solution (eg using MPRs) for password reset for helpdesk, using the Password Reset Action Workflow? If so, how...?

    I know from my own searches of the Internet this is a popular request.

    Kind regards,

    Anwar

    Wednesday, April 1, 2015 11:56 AM

All replies

  • Here is the SSPR guide that includes the Helpdesk functionalities.

    https://technet.microsoft.com/en-us/library/ee534892(v=ws.10).aspx

    You need to enable some MPRs, create some others, etc.  It is pretty easy to follow.


    Nosh Mernacaj, Identity Management Specialist

    Wednesday, April 1, 2015 1:55 PM
  • Hi Nosh,

    Thanks for your reply.

    I am actually after helpdesk initiated password reset, not self-service password reset.

    I have successfully implemented SSPR in a non-production environment.

    Kind regards,

    Anwar

    Wednesday, April 1, 2015 2:25 PM
  • Hello,

    I think that Activity you mentioned above is just for the SSPR as you can not pass any parameter to it and there is no description how it works in detail.
    Beside that I see no solution on the net that works with that Activity on Helpdesk PW resets.

    The solution in the article above is not that complicated to implement.

    Simple solution could be to reset PW to a default PW and force user to change PW at login.

    -You simple need a boolen attribute on the user (DoPasswordReset) and trigger a workflow when helpdesk change that attribute.

    -Setup a PowerShell Activity Workflow which resets password via PowerShell.

    -Reset the DoPasswordReset attribute to false via FunctionEvaluator

    PowerShell Activity is really easy to implemend, you should give it a try.

    Beside that you can use the PS Activity for many other action in the future.

    -Peter


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com

    Wednesday, April 1, 2015 6:20 PM