Chat now with support
Chat with Support

Password Manager 5.14 - Administration Guide

About Password Manager Getting started Password Manager architecture
Password Manager components and third-party applications Typical deployment scenarios Password Manager in a perimeter network Management Policy overview Password policy overview Secure Password Extension overview reCAPTCHA overview User enrollment process overview Questions and Answers policy overview Password change and reset process overview Data replication Phone-based authentication service overview
Management policies
Checklist: Configuring Password Manager Understanding Management Policies Adding or cloning a new Management Policy Configuring access to the Administration Site Configuring access to the Password Manager Self-Service Site Configuring access to the Helpdesk Site Configuring Questions and Answers policy Workflow overview Custom workflows Custom activities Password Manager Self-Service Site workflows Helpdesk workflows Notification activities User enforcement rules
General Settings
General Settings overview Search and logon options Importing and exporting configuration settings Outgoing mail servers Diagnostic logging Scheduled tasks Web Interface customization Instance reinitialization Realm Instances Domain Connections Extensibility features RADIUS Two-Factor Authentication Internal Feedback Customizing help link URL Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable 2FA for administrators and helpdesk users Reporting Password Manager integration Accounts used in Password Manager Open communication ports for Password Manager Customization options overview Third-party contributions Glossary

Maximum Password Age Policy Task

This task is used to force users to change passwords at next logon if password’s maximum age is reached.

The scope of this task is the scopes of all configured One Identity password policies. For more information on the One Identity password policies, see Creating and Configuring a Password Policy.

This task applies the maximum password age rule set in the configured One Identity password policies. If the maximum password age is reached, users will be required to change password at next logon.

To schedule this task

  1. Connect to the Administration Site by typing the Administration Site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdmin/.

    NOTE: When prompted to log in, provide your domain user name in a domainname\username format.

  2. On the menu bar, click General Settings, then click the Scheduled Tasks tab.

  3. Click Edit under the Maximum Password Age Policy task.

  4. From the drop-down list select one of the following options: Run hourly, Run daily or Run weekly.

  5. Depending on the option selected above, specify the time and/or days of the week when this task should be run.

  6. Under Run the task on this Password Manager instance, select the Password Manager server on which the task should be run.

    IMPORTANT: The task status can be viewed only on the Password Manager instance on which the task is scheduled to run.

  7. Click Save.

To force the task to run earlier than scheduled, click the Run now link under the task.

User Status Statistics Task

By default, the User Status Statistics task runs every day. Normally, it is not recommended to change the schedule, although if you have other heavy-duty tasks (for instance, an Active Directory backup task) running at that time, we recommend that you reschedule the User Status Statistics task to run in off-peak hours. The User Status Statistics task is used to do the following:

  • Enumerating users for licensing purposes: Password Manager is licensed for a specific number of user accounts enabled for management by Password Manager in all managed domains. The task checks whether the managed user count is within the license limit.

  • Collecting statistic information about users.: Including the total user count, the number of users registered and the users not-registered with Password Manager, number of users required to register with Password Manager, and the number of users required to update profile. This information is collected for all the domains managed by a specific Password Manager instance and displayed on the Reports page of the Administration Site.

The scope of this task corresponds to user scopes of all configured Management Policies.

To schedule this task

  1. Connect to the Administration Site by typing the Administration Site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdmin/.

    NOTE: When prompted to log in, provide your domain user name in a domainname\username format.

  2. On the menu bar, click General Settings, then click the Scheduled Tasks tab.

  3. Click Edit under the User Status Statistics task.

  4. From the drop-down list select one of the following options: Run hourly, Run daily or Run weekly.

  5. Depending on the option selected above, specify the time and/or days of the week when this task should be run.

  6. Under Run the task on this Password Manager instance, select the Password Manager server on which the task should be run.

    IMPORTANT: The task status can be viewed only on the Password Manager instance on which the task is scheduled to run.

  7. Click Save.

To force the task to run earlier than scheduled, click the Run now link under the task.

Clear Old Records from Reporting Database

Use this task to clean up records in the reporting database and archive the cleared records. The administrator needs to provide a date range and select particular record types to delete the records. The administrator can schedule a task on a specific date and time.

To schedule the task:

  1. Connect to the Administration Site by typing the Administration Site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdmin/.

    NOTE: When prompted to log in, provide your domain user name in a domainname\username format.

  2. On the menu bar, click General Settings, then click the Scheduled Tasks tab.

  3. Click Edit under Clear Old Records from Reporting Database to open the console.

  4. Select the The task is enabled checkbox.

  5. Select Archive and Clear Records or Clear Records.

  6. Select the date range from the From Date and To Date date pickers.

  7. Select the checkboxes corresponding to the record types that you want to clear, in Select Record Types section.

  8. Alternatively, select the Select All checkbox to select all the record types to clear.

  9. Select the date and time from the Start at date picker to schedule the task to clear the records.

  10. Select the Password Manager instance to run the task.

  11. Click Save to save all the settings, and schedule the task.

Environment Health Checker Task

This scheduled task is used to check the status of all domain controllers from all domain connections and select the best available domain controller for each connection.

For example, to connect to a managed domain mydomain.com three domain controllers can be used: domain controller (DC)1, 2 and 3; the best available domain controller is DC 1. By default, the best available domain controller is used to connect to the domain. If this domain controller becomes unavailable, the next available domain controller is automatically selected. For example, DC 2 is now used to connect to the domain. But if DC 1 becomes available again, the connection will not be automatically switched to DC 1.

To switch back to DC 1, the environment health checker task should be run. This task checks the availability of domain controllers for domain connections, and selects the best domain controller for each connection.

To schedule this task

  1. Connect to the Administration Site by typing the Administration Site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdmin/.

    NOTE: When prompted to log in, provide your domain user name in a domainname\username format.

  2. On the menu bar, click General Settings, then click the Scheduled Tasks tab.

  3. Click Edit under the Environment Health Checker task.

  4. To enable the task select the The task is enabled check box.

  5. From the drop-down list, select one of the following options: Run hourly, Run daily or Run weekly.

  6. Depending on the option selected above, specify the time and/or days of the week when this task should be run.

  7. Under Run the task on this Password Manager instance, select the Password Manager server on which the task should be run.

    IMPORTANT: The task status can be viewed only on the Password Manager instance on which the task is scheduled to run.

  8. Click Save.

To force the task to run earlier than scheduled, click the Run now link under the task.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating