Chat now with support
Chat with Support

Password Manager 5.13.2 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in a perimeter network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Legacy Self-Service Site and Password Manager Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Legacy Self-Service or Password Manager Self-Service Site workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Password Policies Enable 2FA for Administrators and Enable 2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Third-party contributions Glossary

General Settings

General Settings Overview

This section outlines the procedures required to configure general settings that apply to all created Management Policies, such as:

  • Search and logon options

  • Import/export of configuration settings

  • Outgoing mail servers

  • Diagnostic logging

  • Scheduled tasks

  • Web interface customization

  • Reinitialization

  • Realm instances

  • AD LDS instance connections

Search and Logon Options

By configuring the search and logon options you specify how users and helpdesk operators search for their accounts and log in on the Self-Service and Helpdesk sites.

You can also configure Password Manager to display CAPTCHA or reCAPTCHA images and allow or prohibit account search on the Self-Service Site.

Configuring Search Options for the Self-Service Site

You can use the General Settings > Search and Logon Options tab of the Password Manager for AD LDS Administration Site to configure the following account search and security options:

Table 11: Search and Logon options

Option

Description

Do not allow users to search for their accounts

When selected, users must either select the applicable directory partition to log in, or must specify an additional user account attribute (for example, their email address) when logging in either to the Self-Service Site or the Helpdesk Site.

  • Show the list of application directory partitions to allow users to select the partition for logging in: When selected, the Self-Service Site will show all application directory partitions registered to Password Manager for AD LDS, allowing users to select the application directory partition their accounts belongs to.

    NOTE: The list will display all aliases that the user specified in their partition connections.

  • Users must enter the following user account attribute for identification (this may slow down the performance): When selected, users must search for their accounts by using the specified AD LDS user account attribute. Use the text boxes under this setting to specify the attribute (for example, the email address) that users must enter on the Find User page of the Self-Service Site to search for their user account.

Allow users to search for their accounts

When selected, users can search for their accounts by simply providing their first name, last name, or account email address.

  • Allow user search from external network: When selected, users can search their account on the Self-Service Site also from an external network.

    TIP: Clear this setting to restrict searches only to IP addresses specified in the corporate IP address range of your organization, and to increase security. For more information on defining corporate IP address ranges, see Location sensitive authentication.

    For more information on user search in an external network, see Partial user search on external network.

    NOTE: If the Allow user search from external network setting is cleared, but no corporate IP address range is specified in the organization, every network from which a user search is performed will be treated by Password Manager for AD LDS as an external network.

  • Search in multiple application directory partitions: When selected, users can search for their accounts in all application directory partitions registered with Password Manager for AD LDS.

  • Number of users to display in search results: Specifies the number of user accounts (between 1 and 99) displayed in the search results.

  • Automatically show available self-service tasks if only one account is found: When selected, Password Manager for AD LDS automatically opens the Home page of the Self-Service Site for the user if only one user account is found that matches the search criteria.

  • User account attributes to display in search results: Allows you to specify the user attributes (such as first name, last name, user logon name, email address) to display in the search results.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating