This section describes how to override automatic location of the Password Reset Portal and customize Secure Password Extension.
This section describes how to override automatic location of the Password Reset Portal and customize Secure Password Extension.
You must manually specify the URL path of the Password Reset Portal.
To specify the Password Reset Portal location on a computer running Windows Server 2008 R2 or later
In Windows, click Start and open the Run application.
In the Run dialog, enter mmc and click OK.
In the Console window in the File menu, click Add/Remove Snap-in.
In the Add or Remove Snap-ins dialog in the list of available snap-ins, double-click Group Policy Management Editor.
In the Group Policy Wizard window, click Browse, select Default Domain Policy, and click OK.
Click Finish.
In the Add or Remove Snap-ins dialog, click OK.
In the Console window in the left pane, expand Default Domain Policy | Computer Configuration.
Right-click the Administrative Templates node and select Add/Remove Templates.
In the Add/Remove Templates dialog, click Add.
In the file browser, browse for the prm_gina.adm or prm_gina.admx file, select it, and then click Open.
In the Add/Remove Templates dialog, click Close.
Perform one of the following actions:
If you used the prm_gina.admx file: In the Console window under Computer Configuration, select the Administrative Templates node and then, on the right pane, double-click the One Identity Password Manager template.
If you used the prm_gina.adm file: In the Console window under Computer Configuration, select the Classic Administrative Templates (ADM) node and then, on the right pane, double-click the One Identity Password Manager template.
Double-click Generic Settings.
Double-click Specify URL path to the Self-Service site.
In the Specify URL path to the Self-Service site window in the Settings tab, select the Enabled option.
In the field, enter the URL path to the Password Reset Portal.
Click OK.
Double-click Override URL path to the Self-Service site.
In the Settings tab, select the Enabled option.
Click OK.
Apply the updated policy to the computers in the managed domain.
NOTE: Application of the updated policy to the computers in the managed domain may take some time to complete.
You can change the logo for Secure Password Extension that is displayed on end-user computers.
To deploy a custom logo for Secure Password Extension on end-user computers
Create a startup script to deploy your logo image.
TIP: See the sample script following this procedure.
Create your logo image file and place it on a network share that is accessible to all network hosts on which the script is run.
In Windows, click Start and open the Run application.
In the Run dialog, enter gpmc.msc and click OK.
In the Group Policy Management Editor window, open the GPO that includes the prm_gina.adm administrative template.
Expand Computer Configuration | Administrative Templates | One IdentityPassword Manager | Pre-Windows Vista Settings and click Secure Password Extension Logo.
Enable the Set dialogue background image policy setting by specifying a local path to the logo image file on end-user computers.
NOTE: The local path you specify in these policy settings must be the same as in the startup script specified later in this section.
Expand Computer configuration | Windows Settings and click Scripts (Startup/Shutdown).
In the right pane, double-click Startup.
In the Startup Properties window, click Add.
In the Add a Script dialog, click Browse and browse for the script file you have created in step 1.
Specify the script parameters.
Click OK.
The following example startup script is a batch file that runs on end-user computers during the system startup, and copies the custom logo image from the network share to a local folder:
IMPORTANT:[SharedDir] is a shared domain directory that must be available during startup.
The script lines containing target paths must be entered as a single line. The lines are wrapped in this article only for readability purposes.
@echo off
rem "SPE startup script"
rem *Check target directory existence*
if exist "c:\Program Files\One Identity\Secure Password Extension"
goto :COPY_FILE
md "c:\Program Files\One Identity\Secure Password Extension"
rem *Copy BMP image - %1*
:COPY_FILE
copy [SharedDir]\%1 "c:\Program Files\One Identity\Secure Password Extension\"
rem pause
:out
@echo off
rem "SPE startup script"
rem *Check target directory existence*
if exist "c:\Program Files\One Identity\Secure Password Extension"
goto :COPY_FILE
md "c:\Program Files\One Identity\Secure Password Extension"
rem *Copy BMP image - %1*
:COPY_FILE
copy [SharedDir]\%1 "c:\Program Files\One Identity\Secure Password Extension\"
rem pause
:out
You can specify the position of the Secure Password Extension window on the login screen of end-user computers.
To change the position of the Secure Password Extension window on end-user computers
In Windows, click Start and open the Run application.
In the Run dialog, enter gpmc.msc and click OK.
In the Group Policy Management Editor window, open the GPO that includes the prm_gina.adm administrative template.
Expand Computer Configuration | Administrative Templates | One IdentityPassword Manager | Pre-Windows Vista Settings | Secure Password Extension Window Settings and enable the Set Secure Password Extension Window Position policy by specifying the position of the Secure Password Extension window on the Windows login screen of end-user computers.
Click OK.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center