π Runbook: ACT-ResetUserPassword
This runbook resets a userβs Active Directory password, forces a password change at next logon, logs the action, and updates the Jira ticket accordingly.
π Description
Use this runbook when a user requires a password reset.
SymphonyDesk securely connects to the customerβs Active Directory domain controller and:
- Resets the password
- Requires password change on next logon
- Logs the reset event
- Adds comments to the Jira issue
- Automatically transitions the ticket status (Done / Failed)
𧩠Required Parameters
| Name | Description | Example |
|---|---|---|
UPN | UserPrincipalName of account | "john.doe@contoso.com" |
NewPassword | New password to apply | "TempP@ssw0rd!" |
IssueKey | Jira Issue Key | "HD-204" |
πͺ Optional Parameters
None at this time.
π€ Webhook Payload Example (From Jira)
{
"customer": "Contoso",
"runbook": "ACT-ResetUserPassword.ps1",
"issue_key": "{{issue.key}}",
"params": {
"UPN": "{{issue.fields.customfield_10200}}",
"NewPassword": "{{issue.fields.customfield_10201}}"
}
}
π Example Jira Automation Rule
When: Issue transitioned β “Password Reset Requested”
Then: Send Web Request β SymphonyDesk API
{
"customer": "Contoso",
"runbook": "ACT-ResetUserPassword.ps1",
"issue_key": "{{triggerIssue.key}}",
"params": {
"UPN": "{{triggerIssue.fields.customfield_10200}}",
"NewPassword": "{{triggerIssue.fields.customfield_10201}}"
}
}
π₯ Response (Success)
{
"status": "success",
"message": "Password successfully reset for john.doe@contoso.com"
}
π₯ Response (Error)
{
"status": "error",
"message": "Set-ADAccountPassword failed",
"raw": "Cannot find an object with identity..."
}
π Requirements
- On-prem AD reachable from SymphonyDesk Runner
- AD module installed on domain controller
- Runner service account must have
"Reset Password"+"Write Account Restrictions"rights - Jira integration configured for customer
π Version History
| Version | Date | Changes |
|---|---|---|
| 1.0 | 2025-01-20 | Initial Password Reset runbook |