This procedure applies to any user that does not access KeyNet with their Network ID and password (defined in Active Directory). In other words, the user’s password is maintained in Keystone Client.
Your organization must have the KeyNet Login Authentication set to either Hybrid or KeyNet in the Header Control Record (KC1999) (General System Administration -> General System Parameters -> Header Control Record (KC1996) -> More button).
To reset the user’s password in Keystone Client, go to the KeyNet Security Maintenance (KC0054) screen and click the "Password" button. Then, click the "Reset" button to assign a random password for the user. The system will automatically check the "Force user to update password on next login" flag, and it will email the temporary password to the user.
After selecting "Reset" a window will appear that will show an encrypted version of the password. The user who selects the reset button will not be able to view the user's temporary password. It will only be visible in the email sent to the user.
The user's email will contain the non-Encrypted version of the email.
When the user logs into KeyNet with the temporary password, they will be prompted to confirm the last four digits of their Social Security number, and to enter in a new password.