Chat now with support
Chat mit Support

Password Manager 5.13.2 - Administration Guide

About Password Manager Getting started Password Manager architecture
Password Manager components and third-party applications Typical deployment scenarios Password Manager in a perimeter network Management Policy overview Password policy overview Secure Password Extension overview reCAPTCHA overview User enrollment process overview Questions and Answers policy overview Password change and reset process overview Data replication Phone-based authentication service overview
Management policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring access to the Administration Site Configuring access to the Legacy Self-Service Site or Password Manager Self-Service Site Configuring access to the Helpdesk Site Configuring Questions and Answers policy Workflow overview Custom workflows Custom activities Legacy Self-Service or Password Manager Self-Service Site workflows Helpdesk workflows Notification activities User enforcement rules
General Settings
General Settings overview Search and logon options Importing and exporting configuration settings Outgoing mail servers Diagnostic logging Scheduled tasks Web Interface customization Instance reinitialization Realm Instances Domain Connections Extensibility features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable 2FA for administrators and helpdesk users Reporting Password Manager integration Accounts used in Password Manager Open communication ports for Password Manager Customization options overview Feature imparities between the legacy and the new Self-Service Sites Third-party contributions Glossary

Self-Service Site

The Self-Service Site provides users with the ability to easily and securely manage their passwords, thus eliminating the need for assistance from high-level administrators and reducing Helpdesk workload.

The Self-Service Site can be installed on the same server as the Administration Site and Password Manager Service, or on a stand-alone server, for example, if you want to install the Self-Service Site in a perimeter network (DMZ).

Password Manager Self-Service Site

The Password Manager Self-Service Site provides functionality similar to the Legacy Self-Service Site. The Password Manager Self-Service Site includes enhancements to the user interface to improve the usability of the site.

Limitations & Restrictions of the Password Manager Self-Service Site:

  • The Password Manager Self-Service Site can co-exist along with the Legacy Self-Service Site.

  • It is possible to revert to the Legacy Self-Service Site at any time.

  • The Password Manager Self-Service Site is only available in English.

As an alternative to using Password Manager Self-Service Site, use the Legacy Self-Service Site.

Helpdesk Site

The Helpdesk Site handles typical tasks performed by Helpdesk operators, such as resetting passwords, unlocking user accounts, assigning temporary passcodes, and managing user Questions and Answers profiles.

The Helpdesk Site can be installed either on the same server as the as the Administration Site and Password Manager Service, or on a standalone server.

Password Policy Manager

Password Policy Manager is an independently deployed component of Password Manager. Password Policy Manager is necessary to enforce password policies configured in Password Manager in those cases where users change their passwords using means other than Password Manager. For example, when user change their password on the Self-Service Site, a new password is checked against password policy rules immediately, and if it complies with password policies configured in Password Manager, the new password is accepted. But when user change their password by pressing CTRL+ALT+DELETE, for example, the password’s compliance with password policies cannot be checked by Password Manager unless Password Policy Manager is deployed on all domain controllers in a managed domain. Password Policy Manager installs the dictionary file in the SYSVOL folder to set a dictionary rule for new passwords. If the dictionary file already exists in the SYSVOL folder, Password Policy Manager setup will not replace the file while installing.

If Password Policy Manager is not installed on all domain controllers in the domain, password policies configured in Password Manager will be ignored when users change password by means other than Password Manager.

NOTE: The user account that is used to install Password Policy Manager must have write access to the SYSVOL folder in domain controller.

NOTE: When the user uninstalls Password Policy Manager, the installer will not remove the dictionary file from the SYSVOL folder. The user must remove the dictionary file manually if the file is not needed.

 Caution: Removing the dictionary file from the SYSVOL folder in one Domain Controller will result deletion of the dictionary file in all Domain Controllers .

For more information on Password Policy Manager, see About Password Policies.

Secure Password Extension

Secure Password Extension is an independently deployed component that provides one-click access to the complete functionality of the Self-Service Site from the Windows login screen. Secure Password Extension also provides dialog displayed on end-user computers that notify users who must create or update their Questions and Answers profiles with Password Manager.

Secure Password Extension should be installed on users’ computers through group policy.

For more information, see Secure Password Extension overview.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen