Chat now with support
Chat with Support

Password Manager 5.11.3 - Administration Guide

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview Secure Password Extension Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Password Change and Reset Process Overview Data Replication Phone-Based Authentication Service Overview
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Self-Service Workflows Helpdesk Workflows Notification Activities User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances Domain Connections Extensibility Features RADIUS Two-Factor Authentication Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Working with Redistributable Secret Management account Email Templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable S2FA for Administrators & Enable S2FA for HelpDesk Users Reporting Password Manager Integration Appendixes Glossary

Password Manager Service and Administration Site

Password Manager Service and Administration site

Password Manager Service and the Administration site are a core component of Password Manager.

Password Manager Service is a Windows service that provides core functionality and runs under the Password Manager Service account, which is specified during Password Manager installation.

The Administration site provides all the necessary settings for an administrator to configure and use Password Manager. Using the Administration site, the administrator can configure user and Helpdesk scopes, management policies, password policy rules.

Note that the Administration site cannot be installed separately from Password Manager Service.

When installing the Administration site and Password Manager Service, the Self-Service and Helpdesk sites are also installed.

Self-Service Site

Self-Service site

The Self-Service site provides users with the ability to easily and securely manage their passwords, thus eliminating the need for assistance from high-level administrators and reducing Helpdesk workload.

The Self-Service site can be installed on the same server as the Administration Site and Password Manager Service, or on a stand-alone server, for example, if you want to install the Self-Service site in a perimeter network (DMZ).

Password Manager Self-Service site

The Password Manager Self-Service site provides functionality similar to the Legacy Self-Service site. The Password Manager Self-Service site includes enhancements to the user interface to improve the usability of the site.

Limitations & Restrictions of the Password Manager Self-Service site

  • The Password Manager Self-Service site can co-exist along with the Legacy Self-Service site.
  • It is possible to revert to the Legacy Self-Service site at any time.
  • The Password Manager Self-Service site is only available in English.

Alternative option

As an alternative to using Password Manager Self-Service site, use the Legacy Self-Service site.

Helpdesk Site

Helpdesk site

The Helpdesk site handles typical tasks performed by Helpdesk operators, such as resetting passwords, unlocking user accounts, assigning temporary passcodes, and managing user Questions and Answers profiles.

The Helpdesk site can be installed either on the same server as the as the Administration Site and Password Manager Service, or on a standalone server.

Password Policy Manager

Password Policy Manager

Password Policy Manager is an independently deployed component of Password Manager. Password Policy Manager is necessary to enforce password policies configured in Password Manager in those cases where users change their passwords using means other than Password Manager. For example, when user change their password on the Self-Service site, a new password is checked against password policy rules immediately, and if it complies with password policies configured in Password Manager, the new password is accepted. But when user change their password by pressing CTRL+ALT+DELETE, for example, the password’s compliance with password policies cannot be checked by Password Manager unless Password Policy Manager is deployed on all domain controllers in a managed domain. Password Policy Manager installs the dictionary file in the SYSVOL folder to set a dictionary rule for new passwords. If the dictionary file already exists in the SYSVOL folder, Password Policy Manager setup will not replace the file while installing.

If Password Policy Manager is not installed on all domain controllers in the domain, password policies configured in Password Manager will be ignored when users change password by means other than Password Manager.

NOTE: The user account that is used to install Password Policy Manager must have write access to the SYSVOL folder in domain controller.

NOTE: When the user uninstalls Password Policy Manager, the installer will not remove the dictionary file from the SYSVOL folder. The user must remove the dictionary file manually if the file is not needed.

Caution: Removing the dictionary file from the SYSVOL folder in one Domain Controller will result deletion of the dictionary file in all Domain Controllers .

For more information on Password Policy Manager, see About Password Policies.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating