User Accounts for Password Reset: Allow Reps to Administer User Passwords
Administrators can delegate, via user permission, the task of resetting local users’ passwords and locked user accounts to privileged users, without also granting full administrator permissions. Local users may continue to reset their own passwords.
Note: Administrators with the Allowed to set passwords permission will see no difference in the user interface.
When a privileged non-administrative user enters the Users & Security page in the administrative /login interface, he or she will see a limited view User Accounts screen containing Change Password links for non-administrative users. If a user has a locked account due to failed logins, a reset button is available. The privileged user will not be able to edit or delete user accounts.
Privileged users are not allowed to reset administrator passwords, nor the passwords of security provider users. Privileged users may set a user's password to whatever he or she chooses, as long as the string complies with the defined password policy as described in Security: Manage Security Settings.
When the privileged user clicks Change Password in the User Accounts page, the User :: Change Password screen is displayed.
When a privileged user changes another user's password, the privileged user may choose whether or not that user must change his or her password on login.
For the privileged user to see the Email Password to User checkbox, a valid SMTP configuration must exist on your appliance (see Email Configuration: Configure the Software to Send Emails), and the user whose password is to be reset must have a configured email address. When a password is emailed, the user receiving the email is required to reset his or her password at next login.