How to create Custom Role That Can Query Users and Reset Passwords using User Management Responsibility


1.  Define User Management Custom Responsibility.
Navigation: System Administrator --> Security --> Responsibility --> Define
Enter the following information.

Responsibility Name: XXX User Management Helpdesk
Application: Application Object Library
Under the Data Group
Name: Standard
Application: Application Object Library
Menu: User Management : Top Level Menu

Save your work.

22.  Assign this responsibility to user.
Navigation: System Administrator --> Security --> User --> Define
Query with user name and assign the newly defined responsibility to users  who want to access this responsibility.

Save your work.

3.       Define custom Role
a.       Define Permission Set
Navigation: functional developer -->  Permission Set

--> Search for Basic% to find “Basic User Administration Privileges”.
 --> Click on the Permission Set "Basic User Administration Privileges" and then Click           Duplicate. Add Reset Password (code: UMX_OBJ_PASSWD_MGMT)under Permission.

--> Change the Name and Code for the custom permission set and enter descriptions also.
Under the Permission Set Manager add the following permissions.
-->  Reset Password
-->  Edit Person Details
-->  Create, Inactivate, Reactivate User Account
And click Apply button.

b.      Now define role.
Navigation: User Management --> Roles and Role Inheritance
Click on create a role

Enter the following information.
Category: Security Administration
Application: Application Object Library
Active from: 05/18/2015
Display Name: XXX Reset Password Role
Description: Role for Reset Password

Click on Crete Grant

Create Grant for this role, enter name, description

On next screen, choose 'User Maintenance UI' for Set.

 On next screen, click on Finish and OK.

Click on the 'Roles & Role Inheritance' tab. Then query the relevant role (created in 'b')

Click on UPDATE and then click on 'Security Wizards'.

Choose the 'User Management : Security Administration Setup > Run Wizard.

Under 'User Administration' > Users > Click on 'Add More Rows'

Choose 'All People' for Users and permission set created in Step #1 for Permissions

Save the changes and Click on Apply button.
4.       Assign the ' FTD Reset Password Role' role privilege to the user.
            Navigation: Sysadmin -->  User Management -->  Users        


Enter user name and click on GO button.
Click on Update button.

Click on Assign Roles

Enter ' FTD Reset Password Role ' and click on go. Check this role and click on Select button

Enter Justification and click on save button.


Click on Apply button.