By default, the rSMS logs are available in C:\Windows\Temp\rSMS. You have the option to customize the log path to record the logs at a different location.
Customizing rSMS log path
On the system where the Password Manager Admin site is installed, click Start and then Services.
- On the Services window, right-click on One Identity rSMS Service.
- Select Properties and check the location from the Path to executable section.
- Open the command prompt with administrator privileges and navigate to the directory where One Identity rSMS Service is installed.
- From the directory where One Identity rSMS Service is installed, run the rSMS.Config.exe LogPath command to view the rSMS log path.
The log path currently used to record rSMS logs is displayed.
To update the log path, run the rSMS.Config.exe LogPath -f <new path> command. For example, rSMS.Config.exe LogPath -f C:\PM.
The log path is updated. To confirm the log path run the rSMS.Config.exe LogPath command again.
- Restart the One Identity rSMS Service.
Password Manager provides option to set the default template for confirmation e-mail. To send an auto generated email to user if workflow succeeds or fails, configure the email template from the General Settings tab for authentication.
To configure default e-mail template:
On the home page of the Administration site, click General Settings, and then click the Email Template tab.
Select the desired language from the Select language to customize template drop down menu, to customize the email template.
Click the + sign before the desired workflow to edit the template. Edit the subject and body of the notification template in the default language as required. When editing the notification template, you can use the parameters available in the notification editor, for example #USER_ACCOUNT_NAME#, #WORKFLOW_RESULT#, and others.
In the Message format box, select the format to use for the notifications. You can select from two options: either HTML or Plain text.
Select the default language from the Select default language for email drop down menu, to select the default email template to send to the user.
In the User notification settings, select one of the following options for user notification subscription:
- Subscribe users to this notification. Allow users to unsubscribe.
- Subscribe users to this notification. Do not allow users to unsubscribe.
- Do not subscribe users to this notification. Allow users to subscribe to this notification.
- Click Save, to save the settings
By default, an AD LDS instance applies existing local or domain password policies. If a server on which AD LDS is installed belongs to a workgroup, the server’s local password policy settings and account lockout settings are enforced. If the server on which AD LDS is running belongs to a domain, the password policy settings and account lockout settings from the domain are enforced.
You can use Password Manager to create additional password policies that define which passwords to reject or accept. For each policy, you can configure a number rules, for example, a password age rule, complexity and length rules, custom rule, and others. It is recommended to use the custom rule to display the settings of the local or domain password policy applied to the server on which AD LDS is running. For more information, see Custom Rule.
Password policy settings are stored in Group Policy objects (GPOs). A GPO is applied to a target organizational unit. Group Policy objects from parent containers are inherited by default. When multiple Group Policy objects are applied, the policy settings are aggregated. For information on how to apply a password policy and change the policy priority, see Managing Password Policy Scope.