If a user receives a persistent message that states, "You cannot checkout the password for this account while another request is pending password reset" or "This account has password requests which have not yet expired or have to be reviewed. It cannot be deleted now", the account password is stuck in a pending password change state.
Ensure that the service account for the asset associated with this account is working. Then manually change the account password. For more information, see Checking, changing, or setting an account password.
Or, if the service account for the asset is working properly and the policy governing the account allows emergency access and has enabled multiple users simultaneous access, you can instruct the user to request the password using Emergency Access.
Ensure the password management settings are enable for profiles to run on schedule:
Factory reset from a kiosk: Allows you to recover from major problems or to clear the data and configuration settings on the appliance.
Caution: Care should be taken when performing a factory reset against a physical appliance, because this operation removes all data and audit history, returning it to its original state when it first came from the factory. The appliance must go through configuration again as if it had just come from the factory. For more information, see Setting up Safeguard for Privileged Passwords for the first time.
In addition, performing a factory reset may change the default SSL certificate and default SSH host key.
To start the recovery kiosk
On the terminal or laptop running the recovery kiosk, you must configure your serial port settings as follows:
On the laptop or terminal, configure the serial port settings as follows:
These options display on the recovery kiosk screen:
Safeguard for Privileged Passwords provides these keyboard shortcuts. If you make the window too small to accommodate the kiosk elements, Safeguard for Privileged Passwords tells you how to readjust the window size.
Ctrl + D: Resets the kiosk to its original state. Clears challenges and options.
Caution: When resetting the bootstrap admin password or performing a factory reset, if you reset the kiosk before you receive the response from One Identity Support, you must submit a new challenge.
Use the Appliance Information option on the recovery kiosk to view basic appliance information and edit the IP addresses.
Right-arrow to see:
To change the network properties for the primary interface (x0)
After editing the network interface properties, click Submit.
Once the updates are completed, a "Network interface update request accepted" message is displayed.