Chatta subito con l'assistenza
Chat con il supporto

Password Manager 5.13.0 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Upgrading Password Manager Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Self-Service Workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email Templates
Password Policies Enable S2FA for Administrators and Enable S2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Open Communication Ports for Password Manager for AD LDS Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Glossary

Overview of Built-in Helpdesk Activities

All built-in activities available in the helpdesk workflows fall into the following categories: authentication, actions and notifications.

Authentication activities are a group of activities that provide different authentication options, for example authentication with Questions and Answers profiles, or phone-based authentication.

The actions category includes activities that are core components of the helpdesk workflows, for example Unlock Account, Assign Passcode, and other activities.

Notification activities are activities that you can use to configure email notifications for users and administrators, and specify conditions under which the notifications should be sent.

The following sections describe the helpdesk activities and provide information about the settings specific to each activity.

Authentication Activities

This section describes workflow activities that provide different authentication options.

Authentication Methods

Authentication Methods

Use this activity to select which authentication methods to display in the User site. The three types of authentication methods available to select for the administrator are as follows:

  • Security Questions

  • Corporate Authentication

  • Personal Email

IMPORTANT: The administrator can select any of the activities selected in the registration method, to make it default mode for authentication for the users on the User site. Select one of the settings radio buttons from the right side to make it default authentication method.

NOTE: When the administrator selects registration method(s), only the respective authentication methods are visible to the administrator in Authentication methods. See the Register section.

Security Questions

Use this activity to authenticate a user with the personal Questions and Answers profile. In this activity, the administrator can specify how many questions from the Questions and Answers profile the user must answer for authentication.

  • Authenticate with Q&A Profile : See Authenticate with Q&A Profile.

Corporate Authentication

Use this activity to authenticate a user with a mobile device. There are two methods to authenticate the users using a mobile device.

  • Authenticate with RADIUS Two-Factor Authentication: See Authenticate with RADIUS Two-Factor Authentication.

  • Authenticate via Phone: See Authenticate via Phone.

Personal EmailAuthenticate via Passcode: Use this activity to authenticate the users with a passcode. The administrator can configure passcode length and expiry time limit for the passcode.

Authenticate with Q&A Profile

Use this activity to authenticate a user with a personal Questions and Answers profile. In this activity you can specify mandatory and helpdesk questions from user’s Q&A profile that a user must answer to be authenticated.

 IMPORTANT: If the questions you selected in this activity are not found in the user’s Q&A profile, the user will not be authenticated and the workflow containing this activity will not be performed for this user.

You can select one of the following authentication methods:

  • Answers to the specified questions (user’s answer is shown). In this mode, a helpdesk operator will ask a user for complete answers to the specified questions, and then compare them to the answers displayed on the identity verification page.

    		IMPORTANT: This option cannot be used if user answers to mandatory questions are not stored using reversible encryption. To store answers using reversible encryption, select the corresponding option in the Q&A profile settings. For more information, see Configuring Q&A Profile Settings.
  • Answers to the specified questions (user’s answer not shown). In this mode, a helpdesk operator will ask a user for complete answers to the specified questions, and enter the answers on the identity verification page.
  • Random characters of answers to the specified questions. In this mode, a helpdesk operator will ask a user to tell the specified number of characters in the user's answer to a specified question, and then type in those characters in the appropriate positions on the identity verification page.
Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione