Chat now with support
Chat with Support

Identity Manager 8.1.5 - Administration Guide for Privileged Account Governance

Mapping a Privileged Account Management system in One Identity Manager Synchronizing a Privileged Account Management system
Setting up the initial synchronization of a One Identity Safeguard Customizing the synchronization configuration for One Identity Safeguard Executing synchronization Tasks after a synchronization Troubleshooting
Managing PAM user accounts and employees Managing the assignments of PAM user groups Provision of login information for PAM user accounts Mapping of PAM objects in One Identity Manager PAM access requests Handling of PAM objects in the Web Portal Basic data for managing a Privileged Account Management system Configuration parameters for the management of a Privileged Account Management system Default project template for One Identity Safeguard Editing One Identity Safeguard system objects Known issues about connecting One Identity Safeguard appliances About us

Editing the excluded list for passwords

You can add words to a list of restricted terms to prohibit them from being used in passwords.

NOTE: The restricted list applies globally to all password policies.

To add a term to the restricted list

  1. In the Designer, select the Base Data | Security settings | Restricted passwords category.

  2. Create a new entry with the Object | New menu item and enter the term you want to exclude from the list.
  3. Save the changes.

Checking passwords

When you check a password, all the password policy settings, custom scripts, and the restricted passwords are taken into account.

To check if a password conforms to the password policy

  1. In the Manager, select the Privileged Account Management | Basic configuration data | Password policies category.

  2. Select the password policy in the result list.
  3. Select the Change master data task.
  4. Select the Test tab.
  5. Select the table and object to be tested in Base object for test.

  6. Enter a password in Enter password to test.

    A display next to the password shows whether it is valid or not.

Testing the generation of passwords

When you generate a password, all the password policy settings, custom scripts and the restricted passwords are taken into account.

To generate a password that conforms to the password policy

  1. In the Manager, select the Privileged Account Management | Basic configuration data | Password policies category.

  2. In the result list, select the password policy.
  3. Select the Change master data task.
  4. Select the Test tab.

  5. Click Generate.

    This generates and displays a password.

Initial password for new PAM user accounts

You can issue an initial password for a new user account in the following ways:

  • Create user accounts manually and enter a password in their master data.

  • Assign a randomly generated initial password to enter when you create user accounts.

    • In the Designer, set the TargetSystem | PAG | Accounts | InitialRandomPassword configuration parameter.

    • Apply target system specific password policies and define the character sets that the password must contain.

    • Specify which employee will receive the initial password by email.

  • Use the employee's central password. The employee’s central password is mapped to the user account password. For detailed information about an employee’s central password, see the One Identity Manager Identity Management Base Module Administration Guide.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating