The Helpdesk site handles typical tasks performed by Helpdesk operators, such as resetting passwords, unlocking user accounts, assigning temporary passcodes, and managing users' Questions and Answers profiles.
The Helpdesk site can be installed either on the same server as the Administration Site and Password Manager service, or on a stand-alone server.
The Helpdesk site uses a form-based authentication which prompts users to logon:
Password Manager allows a Helpdesk group to be added for each Management Scope. If you require different Helpdesk groups to be able to administer different scopes of users, additional Management Scopes will have to be created to accommodate the restrictions for the Helpdesk groups.
The Scope of who can logon to the Helpdesk site can be configured in the Admin site for each Management Policy:
To select the Groups who can access the Helpdesk site, first click Helpdesk Scope, then click Add domain connection.
If you already have a Domain connection, select Use this connection:
If you do not see the desired Domain Connection, click Add domain connection and enter the required information.
Once the Domain has been added, select Edit:
Add in the Groups to be allowed access to the Helpdesk site and perform Helpdesk actions.
Password Manager has the ability to change the configuration options, such as the encryption level and the attribute used to store Users’ Q&A Profile settings without the need to reinstall or modify configuration files.
If you choose to perform a Reinitialization, please keep the following in mind:
When changing the Encryption algorithm within the PMAdmin site | General settings | Reinitialization section the following message occurs:
|Warning: You are changing configuration and security settings. To prevent users from losing their Q&A profiles use the Migration Wizard to update the profiles.
What are the next steps?
- Once the setting has been changed select Save
- Provide a password to the new configuration file
- Select Export (do not click Save yet)
- Click Save after the Export is complete or it will not work
- Launch the Migration Wizard found in the Password Manager Autorun and select: Update users’ Q&A profiles with new instance settings and follow the wizard
Reporting is an optional component. The Reports section of the Admin site includes a number of pre-defined reports that help you perform the following tasks:
- Track user registration activity
- Analyze information about what actions are performed by users in Password Manager
- Check users’ registration status
- View a list of users whose Questions and Answers profiles must be updated to comply with the current administrator-defined settings
- Track helpdesk operators’ activity
To use Password Manager Reports, you need to connect to a Microsoft SQL Server and a Microsoft Reporting Service Server (SSRS).
To use the User Action History functionality, you need to connect to an SQL Server only.
|NOTE: When a user registers with Password Manager, the Q&A profile information is stored within the user object in Active Directory. Reporting only allows the ability to query user statistic information and does not store the profile data in the database.
If you choose to take advantage of the Password Manager reports, the following is required:
- Microsoft SQL Reporting Services (SSRS) must be installed and configured
- The Password Manager service account must have sufficient permissions to create and write to a database on the SQL server
|NOTE: You cannot pre-create the database. Password Manager must create it.
- The Password Manager service account must have sufficient permission to publish reports on the SSRS server.