Users password can't be set without USIADMIN role
Answered
Hi Support Team,
a customer has one role with access level administrator. This role doesn't has any restricitions. Anyway it is not possible with this role, to reset a users password or to send their users their User ID.
If they want to send their users their ID, the following error appears: “You need to be an administrator to send the user ID via mail”

Only if you give this user the USIADMIN role, he is able to reset passwords or to send ID mails.
What has to be done that their own administrator role becomes a real admin?
Kind regards,
Dorian
-
Mike Schepker please review
-
I don't know on this one. This sounds like a bug to me. Looking at the role, there doesn't seem to be anything to indicate why those actions wouldn't show unless we're restricting it to only the shipped EBMS Administrator role, which does not sound correct to me if that's what is happening.
-
Dorian Büdel I would ask the client WHY the admin needs to do any of this within Enterprise when they are setup for Single Sign On (according to the screenshot). By definition, the passwords and user ids are all managed through the client's identify provider.
-
Anthony Costantino Good catch! I was too busy looking at everything related to Roles and Access Level I didn't even think about their Auth Type.
-
Hi Mike Schepker and Anthony Costantino ,
the customer is using both: the momentus auth. for external users and single sign on for internal users. Irrespective of this it should be possible for the admin to reset the password of a user, which has the momentus auth., without using our USIADMIN role, should'nt it?
-
Dorian Büdel Does it appear without the EBMS Admin role on a user that uses Momentus as the Authentication type (Barbara in the screen shot is using SSO). I know that when I test with users locally it will not allow me to reset the password (option isn't there) if they are set to SSO.
-
Hi Mike Schepker ,
the user (Jules), who tries to reset a password has SSO as auth. config. He has the Porsche Admin role.

The user he is triying to reset the password for, has Momentus as auth. type. If you give Jules our EBMS Admin role, he is able to reset the password of the user with Momentus as auth. type. If not, the error appears, that he has to be an admin to do it.
-
I don't know. At this point I think we'd need Product/Development to explain how this should be working.
-
Dorian, can you confirm this is the question?
You have a user with the “Porsche Admin” role that cannot reset any passwords? Or they can reset some passwords?
-
Yes i can confirm that this is the question, that the user with the role Porsche Admin can't reset any password.
-
Thanks. Can you include a screenshot of the access privileges for that role, that shows they have the right access.
-
Of course:
Database: Within Momentus

-
Thanks. Are you able to reproduce this for other customer accounts? Or is it only happening for this Porsche Admin role?
-
I only know of this customer experiencing this issue. I'm not sure if other customers have the same problem of not being able to reset their passwords unless they have the USIADMIN role.
-
Can you try replicating this in another account? That would answer the question on whether a customer must have the USIADMIN role. If this is just this role/user, then it must be a configuration issue.
-
Hi Seth, i do not have another customer, who is using SSO, thats why i can't replicate it. I will soon have a customer, which is onboarded for SSO. There i will check it and add a short comment in this post. So we can close this ticket for now.
Please sign in to leave a comment.
Comments
16 comments
Date Votes