지금 지원 담당자와 채팅
지원 담당자와 채팅

Password Manager 5.9.5 - Administration Guide

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview Secure Password Extension Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Password Change and Reset Process Overview Data Replication Phone-Based Authentication Service Overview
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow Overview Custom Workflows Custom Activities Self-Service Workflows Helpdesk Workflows Notification Activities User Enforcement Rules
General Settings Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies One Identity Hybrid Subscription One Identity Starling Reporting Password Manager Integration Appendixes Glossary

Configuring Q&A Profile Settings

Question and Answers profile settings allow you to define settings and requirements for user’s questions and answers. For example, you can prevent users from using the same answer for multiple questions. Questions and answers that do not comply with the policy will not be accepted.

For an overview of Q&A policy and profile settings, see Questions and Answers policy overview.

To configure Questions and Answers policy

  1. Connect to the Administration site by typing the Administration site URL in the address bar of your web browser. By default, the URL is http://<ComputerName>/PM/Admin/.
  2. On the Administration site home page, click the Q&A Policy link under the Management Policy you want to configure.
  3. On the Configure Questions and Answers Policy page, click the Q&A profile settings link.
  4. In the Q&A Profile Settings dialog, specify the following options:
    1. Question Settings
      1. Users must answer this number of optional questions to register: Set the required number of optional questions that a user must answer to create a Questions and Answers profile.

      2. Users must answer this number of user-defined questions to register: Set the required number of user-defined questions that a user must specify to create a Questions and Answers profile.
      3. Minimum length of user-defined questions: Set the least number of characters that user-defined questions can contain.
    2. Answer Settings
      1. Minimum length of answers: Set the least number of characters that users' answers can contain.
      2. Reject the same answers for different questions: Select to prevent users from specifying same answers for different questions.

      3. Reject answers that contain corresponding questions: Select to prevent users from specifying answers that contain corresponding questions.
      4. Store answers using reversible encryption: Select to store users' answers using reversible encryption. If you do not select this check box, answers to secret questions (mandatory, optional, and user-defined) will be hashed using the hashing algorithm you specified when initializing the instance. If you want to change the hashing algorithm, you need to re-initialize the instance. For more information, see Instance Reinitialization . Note that answers to helpdesk questions are always stored using reversible encryption.
    3. Security Settings
      1. Allow users to hide their answers: Select this check box to allow users to hide their answers on the screen, so that answer entry fields will look like a series of asterisks.
      2. Hide users’ answers by default: Select this check box to have Password Manager display users' answers as asterisks while they are typing in their answers.
      3. Do not require users to confirm answers if answers are hidden: Select this check box to allow users to enter their answers only once, if answers are hidden.
  1. Click Save.

Workflow Overview

Workflows allow an administrator to customize the behavior of Password Manager. Workflows are divided into two categories: Self-Service and Helpdesk workflows.

Self-service workflows define the behavior of the Self-Service site. All configured and enabled self-service workflows will be available on the Self-Service site as tasks available to Password Manager users. To modify the task behavior, edit the corresponding workflow.

Helpdesk workflows define the behavior of the Helpdesk site. All configured and enabled Helpdesk workflows will be available on the Helpdesk site as actions available to Helpdesk operators. To modify the task behavior, edit the corresponding workflow.

Workflow Structure

A workflow consists of activities. Each activity can be configured independently of other activities.

Activities are grouped into three categories: authentication, actions, and notifications.

Authentication activities are a group of activities that provide different authentication options, for example authentication with password or Questions and Answers profiles, or phone-based authentication.

The actions category includes activities that are core components of the workflows, for example, Unlock Account, Edit Q&A Profile, Reset Password, and other activities.

Notification activities are activities that you can use to configure email notifications for users and administrators, and specify conditions under which the notifications should be sent.

All available activities are displayed in the left pane of a workflow designer. To add an activity to a workflow, simply drag the activity to the right pane of the workflow designer. To remove an activity, click the Close button on the activity box.

The right pane of the workflow designer displays a workflow structure: which activities should be performed and in what order. The activities are executed in the order they appear in the workflow designer. You can change their order by moving activities up or down in the workflow designer.

Workflow State

A workflow can be in one of the three states: Success, Failure, Critical Error. These states determine how a workflow is performed, that is, what activities are executed.

If no errors occur during a workflow execution, the workflow state is success. In this state all activities except Email user if workflow fails, Email administrator if workflow fails, Lock Q&A profile, and Restart workflow if error occurs are performed.

If an error occurs when performing an activity, the Failure state is set for a workflow. After this, only the following activities are performed in the workflow (if such activities are present in the workflow): Email user if workflow fails, Email administrator if workflow fails, Lock Q&A profile, and Restart workflow if error occurs. Note that the Restart workflow if error occurs activity resets the workflow state to Success and reruns the workflow from the beginning.

If a critical error occurs, for example user’s account or Q&A profile gets locked, the Critical Error state is set for a workflow. Then only the Email user if workflow fails and Email administrator if workflow fails activities are performed, if they are included in the workflow. After these activities are performed, the workflow is stopped.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택