Loading

User email address cannot be updated with a password reset as a single process with the rollout of the Winter '21 release

Udgivelsesdato: Apr 10, 2024
Beskrivelse
This behavior is being treated as too aggressive and the alteration will be rolled back until it is revisited. Please see this Known Issue: https://trailblazer.salesforce.com/issues_view?id=a1p4V000001JifJQAS

The prior behavior of permitting the password reset of a user record to happen while updating the email address in order to attempt to bypass the email verification was determined to be a security flaw. As such, this is no longer possible.

Steps To Reproduce:
1. Log into Winter’21 org as an administrator user
2. Navigate to the Setup → Users
3. Click on a user from the list and open the user detail page
4. Click on the Edit button to modify the email address and check the 'Generate new password and notify user immediately' box
5. Click Save.
6. An error message appears - “You can't reset a user’s email address and password at the same time. The user must first verify their new email address before you reset their password.”
Løsning

There are a few workarounds that can be pursued.

  1. Customers must verify the updated email address by clicking on the link sent to the new email address and then proceed with resetting the password.
  2. If the user has an invalid old email address and the org is configured for additional identity verification for users for email changes, the Require identity verification for email changes setting will need to be temporarily disabled from the level they are set up at:
    1. Setup → Session Settings
    2. https://help.salesforce.com/articleView?id=admin_sessions.htm&type=5
    3. Setup → Identity → Identity Verification
    4. https://help.salesforce.com/articleView?id=security_auth_setup_identity_verification.htm&type=5
  3. The email verification disable process may be undertaken. 
    1. https://help.salesforce.com/s/articleView?id=000385107&type=1&language=en_US


Additional reference: https://help.salesforce.com/articleView?language=en_US&type=1&mode=1&id=000332387

Vidensartikelnummer

000389431

 
Indlæser
Salesforce Help | Article