立即与支持人员聊天
与支持团队交流

Password Manager 5.13.2 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in a perimeter network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Legacy Self-Service Site and Password Manager Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Legacy Self-Service or Password Manager Self-Service Site workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Password Policies Enable 2FA for Administrators and Enable 2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Third-party contributions Glossary

Enable Account

Use this activity to enable users’ disabled accounts. You can use the activity in different workflows. It is recommended to place this activity after authentication activities in a workflow.

For example, to enable users with disabled accounts to reset passwords and enable their accounts, you can use the Enable Account activity in the Forgot My Password workflow:

  1. Authenticate user with Q&A profile.

  2. Enable account.

  3. Reset password in AD LDS.

  4. Restart workflow if error occurs.

  5. Email user if workflow succeeds.

  6. Email user if workflow fails.

Force User to Change Password at Next Logon

Use this activity when users want to change their passwords during the next logon.

For example, you can use this activity in the Reset Password workflow and can force users to change passwords at the next logon once the password has been reset by a helpdesk operator.

To allow users to change password at the next logon, the helpdesk operator must select Helpdesk operators can choose whether to force users to change password at next logon check box available in the Force user to change password at next logon activity.

It is recommended to place this activity after the Reset Password in AD LDS activity in a workflow.

Assign Passcode

This activity is a core activity of the Assign Passcode workflow. It allows helpdesk operators to assign a passcode to the user who has forgotten password and is not yet registered with Password Manager or has forgotten answers to secret questions. This activity has the following settings:

  • Passcode length: Specify how many characters a passcode must contain.

  • Passcode lifetime: Specify how long a passcode issued by helpdesk operators is valid.

Unlock a Q&A Profile

This activity is a core activity of the Unlock Q&A Profile workflow. It allows helpdesk operators to unlock users’ Q&A profiles using the Helpdesk Site.

You do not need to configure any settings for this activity.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级