CRAFT - Active Directory Password Reset Procedure

Overview

A Citrix version of Active Directory Administrative Center has been published to the Citrix portal for use by Craft Services to reset Craft employee passwords. Craft admins will have access ONLY to Craft users; they will not be able to reset passwords for any other accounts.

Quick Steps

1. Input the domain and username into the 'User name:' field (make sure to input as SI\username)

2. Input a new password in both 'Password:' and 'Confirm password:' fields

3. Ensure the option to force a reset at next logon is enabled

4. Select the option to unlock the account, if available

5. Click 'Apply'

6. Have the end-user logon and update their password at https://mail.swinerton.com/

Full Procedure

1. Open a browser window and go to https://apps.swinerton.com/ , click 'Apps' at the top

2. Launch the Active Directory Administrative Center app (if you do not see this app you haven't been granted access)

- additionally, you can click 'Details' and then 'Add to Favorites' to get a desktop icon for the app, if you'd like

3. The 'Overview' screen should load with the Reset Password tool available (if you don't see this tool, click 'Overview' on the left)

4. Input the Craft person's username in the 'User name:' field, making sure to include the Swinerton domain (formatted as SI\username)

5. Input an easy to read, unique password into both the 'Password:' and 'Confirm password:' fields

- DO NOT use passwords like "Swinerton", "Builders", "Password", or any other commonly used passwords

6. Place a check mark next to "User must change password at next log on"

7. Place a check mark next to "Unlock Account" if available (if it is grayed out then the account is NOT locked)

8. Click 'Apply'

9. If an "...Access is denied" error appears then the password CAN NOT be reset by Craft Services

10. When you see the "...password reset successfully" message then move on to the next step

11. Have the user log in, using their username and new password, at https://mail.swinerton.com/

12. The system will prompt them to enter a new password, which MUST meet the following requirements...

Requirements for creating a new password:

Minimum Length is 14 characters.
Must have at least one of the following: Upper Case Letter, Lower Case Letter, and Number or Special Character (!$%# etc.).
- Examples: ArnoldrunningMan12, 12DaysofChristmas, B@ckTwoSquare1 are all acceptable passwords
Change Frequency every 180 days.
Cannot use any of the last 26 passwords.
Cannot have 3 of the same character in a row.
- Examples: Basketballlarry1 or Heavyhammer777
20 failed attempts will lock the account for 5 minutes.
- This will allow for plenty of mistakes while keeping the password process more secure.
Common words associated with our company are not allowed.
- Examples: Swinerton, Builders, Password, SRE, SOLV,12345, Timberlab, American Laminators, etc.
Your name, username, or personal information cannot be used in the password.
Incremental changes are no longer allowed.
- Example: Swinerton1 being changed to Swinerton2 or Football11 being changed to Football12

13. Once the Craft user has successfully entered a new password you will want to walk them through setting up their Self-Service Password Reset options detailed here.

The Craft user's password has now been reset successfully.
- This new password will be valid for 180 days before needing to be reset again.
If you run into any issues during this process, or the Craft user continues to have problems logging in after account is reset, please contact the Service Desk for assistance.