Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Password Manager 5.13.2 - Administration Guide

About Password Manager Getting started Password Manager architecture
Password Manager components and third-party applications Typical deployment scenarios Password Manager in a perimeter network Management Policy overview Password policy overview Secure Password Extension overview reCAPTCHA overview User enrollment process overview Questions and Answers policy overview Password change and reset process overview Data replication Phone-based authentication service overview
Management policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring access to the Administration Site Configuring access to the Legacy Self-Service Site or Password Manager Self-Service Site Configuring access to the Helpdesk Site Configuring Questions and Answers policy Workflow overview Custom workflows Custom activities Legacy Self-Service or Password Manager Self-Service Site workflows Helpdesk workflows Notification activities User enforcement rules
General Settings
General Settings overview Search and logon options Importing and exporting configuration settings Outgoing mail servers Diagnostic logging Scheduled tasks Web Interface customization Instance reinitialization Realm Instances Domain Connections Extensibility features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable 2FA for administrators and helpdesk users Reporting Password Manager integration Accounts used in Password Manager Open communication ports for Password Manager Customization options overview Feature imparities between the legacy and the new Self-Service Sites Third-party contributions Glossary

Installing Administrative Templates

This section describes how to install administrative templates.

To install the administrative templates (.admx) on Domain Controller

  1. Login to the Active Directory Domain Controller machine with Administrative Privileges.

  2. Copy Administrative Template Configuration folder from the <CD>/Password Manager/Setup/Tools .

  3. Copy the Administrative Template folder into the Machine from <CD>/Password Manager/Setup/Template.

  4. Double click QPM.AdministrativeTemplateConfiguration.exe from the Administrative Template Configuration folder.

  5. In the Password Manager Administrative Template Configuration window, browse the Administrative Template folder path and verify the path to Policy Definitions.

  6. Click Execute to run the tool.

  7. Once the execution is complete, click Exit to close the window.

To install the administrative templates (.admx) on the client computer manually

  1. Copy the prm_gina.admx file into the %windir%\PolicyDefinitions directory.

  2. Copy the prm_gina.adml file into the %windir%\PolicyDefinitions\en-us directory.

  3. Open the Local Group Policy Editor (gpedit.msc).

    1. In the left pane (console tree) of the Local Group Policy Editor, expand Computer Configuration\Administrative Templates.

    NOTE:

    • You can now see the node One Identity Password Manager appearing automatically.

    • The .admx policies applied on the client computer takes priority.

Configuring Administrative Templates

This section describes how to configure administrative templates.

To configure the settings of the administrative templates on the Domain Controller

  1. Open the Group Policy Management Editor (gpmc.msc).

  2. Right click the domain node, then on the short cut menu, click Create a GPO in the domain and Link it here to link the policy.

  3. Enter a name to the New GPO. For example, OneIdentity.

  4. Right click the new GPO (OneIdentity) and set Enforced to apply the policy.

  5. Right click the new GPO (OneIdentity) and select Edit.

  6. Expand the newly created GPO and perform the following

  7. To view the latest Administrative Template

    1. Expand the newly created GPO.
    2. Go to Computer Configuration > Policies.

    3. Expand Administrative Templates: Policy Definitions(ADMX files) retrieved from the central store > One Identity Password Manager > Generic Settings.

Updating Administrative Templates

To update the administrative templates from .adm to .admx on both Domain Controller and Client computer, follow the steps mentioned below

Updating Templates on Domain Controller

Before updating the templates, you must remove the existing .adm templates and then proceed updating the templates.

To remove the administrative templates (.adm) on Domain Controller

  1. Open the Group Policy Management (gpmc.msc).

  2. Right click on the GPO you have created and set Enforced to disable.

  3. Again, right click on the GPO, and on the shortcut menu, click Edit. Group Policy Management Editor opens.

  4. On the left pane (console tree) of Group Policy Management Editor, expand Computer Configuration\Policies.

  5. Right-click the Administrative Templates node, then click Add/Remove Templates.

  6. In the Add/Remove Templates dialog, select the prm_gina.admx file and click Remove.

To update the administrative templates (.admx) on Domain Controller

  1. Copy the Administrative Template Configuration folder from <CD>/Password Manager/Setup/Tools.

  2. Copy the Administrative Template folder into the Machine from <CD>/Password Manager/Setup/Template.

  3. Double click the QPM.AdministrativeTemplateConfiguration.exe tool.

  4. Browse the Administrative Template folder path and verify the Path to Policy Definitions.

  5. Click Execute to run the tool.

  6. Once the execution is complete, launch the Group Policy Management utility.

  7. Right click the domain node, then on the shortcut menu, click Create a GPO in the domain and Link it here to link the policy.

  8. Enter a name to the New GPO. For example, OneIdentity.

  9. Right click the new GPO (OneIdentity) and select Enforced to apply the policy.

  10. Again, right click the new GPO (OneIdentity) and select Edit.

  11. Go to Computer Configuration > Policies

  12. Expand Administrative Templates: Policy Definitions (ADMX files) retrieved from the central store, then expand One Identity Password Manager

  13. Click on Generic Settings to view the newly checked in Administrative Template.

Updating templates on client computer

To remove the administrative templates (.adm) on client computer

  1. Open the Local Group Policy Management Editor (gpedit.msc).

  2. Expand Computer Configuration\Policies.

  3. Right-click the Administrative Templates node, then on the shortcut menu, click Add/Remove Templates.

  4. In the Add/Remove Templates dialog, select the prm_gina.admx file and click Remove.

To update the administrative templates (.admx) on the client computer manually

  1. Copy the prm_gina.admx file into the %windir%\PolicyDefinitions directory.

  2. Copy the prm_gina.adml file into the %windir%\PolicyDefinitions\en-us directory.

  3. Open the Local Group Policy Management Editor (gpedit.msc) and navigate to the Computer Configuration\Administrative Templates\One Identity Password Manager directory to see the policy settings.

Removing Administrative Templates

This section describes how to remove administrative templates.

To remove the administrative templates (.admx) on Domain Controller

  1. Open the Group Policy Management (gpmc.msc).

  2. Right click on the GPO you have created and set Enforced to disable.

  3. Navigate to C:\Windows\SYSVOL\sysvol\domain name\Policies\PolicyDefinitions path.

  4. Delete prm_gina.admx file.

  5. Navigate to the %systemroot%\SYSVOL\sysvol\domain name\Policies\PolicyDefinitions\en-US folder and delete prm_gina.adml file.

To remove the administrative templates (.admx) on the client computer manually

  1. Navigate to the %windir%\PolicyDefinitions directory. Delete the prm_gina.admx file.

  2. Navigate to the %windir%\PolicyDefinitions\en-us folder. Delete the prm_gina.adml file.

  3. Update the policy.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation