ServiceNow Incident Management Simulation: Domain Account Unlock & Password Reset
This walkthrough demonstrates how to use ServiceNow to simulate, manage, and resolve a common help desk issue: a user being unable to sign in due to a locked-out domain account.
The goal of this exercise is to practice:
Creating and logging in as an end user in ServiceNow
Submitting an incident ticket through the Self-Service portal
Receiving, triaging, updating, and assigning incidents as an IT support agent
Performing account unlock and password reset actions using PowerShell
Communicating status updates with end users through ServiceNow
Closing incidents with proper work notes, resolution details, and documentation
This lab provides hands-on experience with the full ServiceNow incident lifecycle, from ticket creation to technical troubleshooting and final resolution.
1) Create a free ServiceNow Developer Instance (PDI)
Open a browser on your host machine.
Go to developer.servicenow.com and create/sign in to a developer account.
After sign-in: choose Request instance in the top right of the screen.
After about 30 seconds to a minute, click Start building. Wait a few moments for provisioning.
When the instance is ready, click Open Instance. You’ll see a URL like: https://devXXXXX.service-now.com
Note: ServiceNow is cloud-hosted — you do everything through this URL in a browser.
2) Create a Password Reset/Locked-Out Ticket (End-User Simulation)
Do these from your host browser using your admin account.
2.1 Create an End User and Log in as the End User
On your ServiceNow home page, type “Users” into the filter navigator.
Click People - Users.
Click Go to list view.
To create a new user, click New in the top right corner.
Fill in the following information for your End User:
First name: John
Last name: Doe
User ID: john.doe
Email: john.doe@simotech.com
Make sure to leave the Active box checked.
Click Submit.
Confirm the End User has been created and click All (this will remove the conditions and show all users).
Now type john.doe in the User ID search bar to see the new End User.
Set a password for the End User by first clicking their User ID in the table.
Click the Set Password button.
Click Generate, then Copy the password, then Save password.
Log out of your admin account.
Log back in using the new user:
Username: john.doe
Password: (the password you generated)
After you log in with the system-generated password, ServiceNow prompts you to create a new password.
You are now logged in as the End User.
2.2 Submit a Ticket as the Employee
In the filter navigator in the top left, look for Self Service.
Under Self Service click Incidents.
Click New in the top right to create a new ticket.
Fill out the form:
Urgency: 2-Medium
Description: I tried to log in to my domain account, Naruto, on my Windows 10 workstation. I entered the password incorrectly multiple times, and my account is now locked out. Please assist with unlocking my account and resetting the password if necessary.
Click Submit.
Your ticket has been created.
4) Receive, triage and assign the ticket (ServiceNow admin)
On your host (ServiceNow admin):
Log in to the ServiceNow instance as your admin account.
Type incident.list in the filter search bar under All in the top left corner.
The incident created by the End User should be at the top. Click on the incident Number.
Fill out the necessary information in the form:
State: In Progress
Assignment group: Help Desk
Comment: Received. Investigating: will check AD account status and unlock the user’s account and reset password.
Post the comment and click Update.
5) Troubleshoot & fix the issue in your Windows Server 2022 lab
Perform these steps on Server 2022 (domain controller) and the user’s Windows 10 machine.
A. Quick checks (on user's Windows 10 machine)
Confirm the user’s account is locked out.
B. Check on Server 2022 (Domain Controller)
I already did a walkthrough of unlocking a user account in Active Directory Users and Computers on the domain controller. So, we’ll unlock the account and reset the password through an alternative method: PowerShell.
1. Import the ActiveDirectory module:
Import-Module ActiveDirectory
2. Check the user’s lockout status:
Get-ADUser Naruto -Properties LockedOut | Select SamAccountName,LockedOut
3. Unlock the domain account:
Unlock-ADAccount -Identity Naruto
4. Reset the password to a temporary one:
Set-ADAccountPassword -Identity Naruto -Reset -NewPassword (ConvertTo-SecureString "TempP@ss123!" -AsPlainText -Force)
C. On the End User machine after you unlock the account and reset the password:
Have the user attempt to log in again (you can test locally by signing out and back in with the new password).
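Steps B.1 to B.4 combined into one script, as an added example that is not part of the original walkthrough: it generates the temporary password at run time instead of hard-coding it, and sets the change-at-next-logon flag that the work notes in step 6 rely on. The helper names Get-RandomIndex and New-TempPassword are hypothetical; the account name Naruto is the lab account used above.

```powershell
# Added example (not from the original walkthrough). Run on the domain controller.
# Assumes the ActiveDirectory module and the lab account 'Naruto' used in this lab.
Import-Module ActiveDirectory

$Rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()

function Get-RandomIndex([int]$Max) {
    # Index in [0, $Max) from the OS CSPRNG; modulo bias is negligible for small $Max.
    $b = New-Object byte[] 4
    $Rng.GetBytes($b)
    [int]([BitConverter]::ToUInt32($b, 0) % $Max)
}

function New-TempPassword([int]$Length = 16) {
    # One character from each class first, so default AD complexity rules are met.
    $sets  = 'ABCDEFGHJKLMNPQRSTUVWXYZ', 'abcdefghijkmnpqrstuvwxyz', '23456789', '!@#%^*-_=+'
    $all   = -join $sets
    $chars = @($sets | ForEach-Object { $_[(Get-RandomIndex $_.Length)] })
    while ($chars.Count -lt $Length) { $chars += $all[(Get-RandomIndex $all.Length)] }
    # Fisher-Yates shuffle so the guaranteed characters are not always in front.
    for ($i = $chars.Count - 1; $i -gt 0; $i--) {
        $j = Get-RandomIndex ($i + 1)
        $chars[$i], $chars[$j] = $chars[$j], $chars[$i]
    }
    -join $chars
}

$Identity = 'Naruto'

# Record the lockout evidence before changing anything (useful for the work notes).
$user = Get-ADUser -Identity $Identity -Properties LockedOut, BadLogonCount, LastBadPasswordAttempt
$user | Select-Object SamAccountName, LockedOut, BadLogonCount, LastBadPasswordAttempt

if ($user.LockedOut) { Unlock-ADAccount -Identity $user }

$temp = New-TempPassword
Set-ADAccountPassword -Identity $user -Reset -NewPassword (ConvertTo-SecureString $temp -AsPlainText -Force)
# Expire the temporary password immediately: the user must choose a new one at first sign-in.
Set-ADUser -Identity $user -ChangePasswordAtLogon $true

# Verify: LockedOut should be False and pwdLastSet 0 (change required at next logon).
Get-ADUser -Identity $Identity -Properties LockedOut, pwdLastSet |
    Select-Object SamAccountName, LockedOut, pwdLastSet

Write-Host "One-time password for ${Identity}: $temp"
```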
6) Update & close the incident in ServiceNow (documenting the fix)
Back in ServiceNow, after logging into the Admin account:
Open incident.list and open the ticket.
Update the activity log:
Work notes:
Verified end user’s domain account (Naruto) was locked out due to multiple failed login attempts. Used PowerShell on the domain controller to unlock the account and reset the password. Confirmed the new temporary password (TempP@ss123!) was applied successfully. Advised user to log in and reset the password at next login.
Comments (Customer visible):
Hi John Doe— I unlocked your domain account, Naruto, and reset your password to TempP@ss123!. Please sign in and reset your password when prompted. If you still see issues, reply to this ticket. — IT Helpdesk
Set State to Resolved.
Resolution code: Resolved by request
Knowledge: check the box
Resolved: date resolved
Resolution notes: User reported they were unable to log in due to domain account lockout. Verified the account (Naruto) was locked in Active Directory. Unlocked the account and reset the password using PowerShell on the Domain Controller. User successfully logged in with temporary password and confirmed resolution.
At the top of the form click Resolve.
Wait for the user to confirm that the issue is fixed; the ticket will then close.
We are done.