Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Configure Password Reset for Active Directory

Log in to subscribe to topics and get notified when content changes.

Configure Password Reset for Active Directory

When the Orchestration Add-on plugin is activated, the Password Reset application can change passwords on an Active Directory credential store. The application changes passwords by referencing an Active Directory user role with the appropriate password change privileges.

Before you begin

Active Directory must have a user role with the following privileges:

Descendent User objects:

  • Reset password
  • Read/Write pwdlastset
  • Read/Write UserAccountcontrol
  • Write Account Restrictions
  • Read/Write lockouttime
  • Read MemberOf

Descendent Group objects:

  • Read Members
  • Read MemberOf


  1. Install MID Server on a Windows computer that can connect to Active Directory.
  2. Configure the MID Server.
  3. In the ServiceNow instance, navigate to Orchestration > Credentials.
  4. Click New and then complete the form with the following values for the credential.
    • Type: Select Windows.
    • User name: Enter your Active Directory domain user. For example, domain\admin.
    • Password: Enter your Active Directory domain user password.
    • Applies to: Select the MID Server that is used to access the Active Directory server.
  5. Click Submit.
  6. Create a credential store for Active Directory.