[REWST - PROC] User: Change Password

This workflow functions as a critical building block that automates user password changes across both on-premises Active Directory and Azure/Entra ID environments, creating or updating PSA tickets while providing email fallback options for comprehensive error handling. MSPs will find this particularly valuable for reducing password reset tickets (one of the highest volume ticket types), supporting hybrid identity environments, and maintaining consistent security practices across multiple clients. Technically, the workflow first validates required inputs, determines the identity provider location (on-prem AD or Entra ID), executes the appropriate password change method, triggers AD sync when necessary, and integrates with PSA systems to document the action through ticket creation or updates.

This workflow contains 21 tasks.

Inputs

  • password - string

    • Change user's password to this

  • ticket_id - string

    • Update ticket with the details of this workflow run

  • user_name - string

    • Username

  • idp_config - string

    • Accepted values are: on_prem, hybrid_no_sync, azure_ad, on_prem_only. If no value is provided value will be determined via org var logic.

  • skip_ticket - boolean

    • Set to true if you do not want any ticketing done

    • Default: {{ false }}

  • unlock_account - boolean

    • Unlocks account for locked out accounts

    • Default: {{ false }}

  • no_sync_override - string

    • User ID if no User name provided

  • force_password_reset - boolean

    • Force the user to change their password when logging in, defaults to true.

    • Default: {{ true }}

Outputs

  • automation_log: Standardized Rewst automation log

  • success: Boolean; States if workflow was successful.

Key tasks

  • update_ticket: Data modification

  • email_fallback: Core integration: noop

  • failure_catch: Core integration: noop

  • process_inputs: Data processing

  • ticketing: Core integration: noop

Jinja examples

Example 1

{{ ORG.VARIABLES.default_psa }}

Used in input parameter 'psa'

Example 2

{{ CTX.ticket_id }}

Used in input parameter 'ticket_id'

Last updated

Was this helpful?