Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Advanced Login Self Service Password Request Administrator Guide

1 Overview 2 Configuring and Using the Password/PIN Reset Function 3 Forcing the Use of Tokens or Biometrics with the Temporary Password Access Function 4. Authorizing the Q&A-based Authentication

2.3.5 Logging on to Windows Without Changing Your Password

If your administrator has authorized it, you can log on to Windows by answering questions from the SOS button (Windows XP/2003) or the Password forgotten tile (Windows 7/2008) without changing your password.
Your workstation must be online.
A Quest ESSO Controller must be available.

3 Forcing the Use of Tokens or Biometrics with the Temporary Password Access Function

3.1 Forcing a New Primary Password for a User and Granting a Temporary Password Access

The Password tab of a user object allows you to preset the user's primary password without the user losing the recoverable SSO data.
Performing this action automatically unlocks the user account (if the unlocking operation fails, you are not warned).
The Password tab appears.
In the New password and Confirmation fields, type the new user primary password and click Apply.
Click the Generate button to automatically generate the user’s password and click Apply.
a)
Fill-in the New password and Confirmation fields.
b)
Select the User can connect using password authentication check box and click Apply.
c)
To extend the TPA duration, clear the User can connect using password authentication check box and create a new one.
4.
To avoid site replication problems if you use Active Directory: in the User is logged on computer field, type the name of the user's computer so that the password reset operation be done on a domain controller located on the same site as the computer (and not on the domain controller on which you are connected) and click Apply.
For more information on domain controller selection, see Quest ESSO Console Administrator Guide.

3.2 Setting the Duration of a Temporary Password Access

1.
In the tree structure of the Directory panel, click the user security profile associated to the users for which you want to set the duration of a TPA.
2.
Click the Authentication tab.
3.
Select the Allow temporary password access for check box and set the following parameters:
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating