When a computer is not connected to the domain (remote with no VPN), how does the Secure Password Extension (SPE) connect to the Self-Service site?
The SPE functions as follows in attempting to connect to the Self Service site:
1. Local Registry
2. Service Connection Point published in Active Directory
The URL published in the Service Connection Point is configured on the Password Manager Admin site (PMAdmin) under General Settings | Realm Instances. If a remote user who is not connected to the domain attempts to use the Forgot My Password link from the logon screen, the SPE will not be able query the Service Connection Point for the URL.
Note: A Self-Service site needs to exist with an externally accessible URL (accessible outside of the internal network).
For remote users who are not, or will not be connected to the domain, the URL will need to provided to the SPE either through the use of a Group Policy (using the Administrative Template included with Password Manager installation media), or by modifying the registry on the client computer.
To force the SPE to use a specific URL by using the Administrative template, refer to the Password Manager Administration Guide:
https://support.oneidentity.com/technical-documents/password-manager/5.11/administration-guide/70#TOPIC-1898765
To manually configure the URL on each client computer:
Note: For clients to be able to access the Self-Service site from the logon screen when they are connected to the network and have had the URL provided to the SPE via the Administrative Template or manual registry editing, the URL for the external and internal site will need to match.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center