Within EEM, can other users have access to "Reset Password"

Document ID : KB000103849
Last Modified Date : 29/06/2018
Show Technical Document Details
Question:
When users log into EEM they have an option to "Change Password", but this option requires them to enter in the previous password before they can change the password. The EIAMADMIN user can see a "Reset Password" option on the user record that allows them to reset a password without knowing the original password. 
Can this option be given to other users?
Answer:
The "Reset Password" option is tied to the Identity Record for the users. By default non-admin users are unable to view the user records, so they don't have the option to select "Reset Password".

A scoping policy can be created that will grant users the ability to edit Users. It's possible, that by doing this, that users would be able to see other contacts as well, which could be a cause for concern, so you will want to ensure the scope is limited to only specific users.

The "Reset Password" is not provided universally by default, and it also wouldn't be recommended for to be universally granted either.
Additional Information:
More information on creating additional Administrator accounts can be found here:

https://comm.support.ca.com/kb/can-eem-have-multiple-administrator-accounts-like-eiamadmin/kb000022375

More information on User Access Permissions is located here:

https://docops.ca.com/ca-embedded-entitlements-manager/12-6/en/configuring/user-access-permissions