Chat now with support
Chat with Support

We are currently experiencing issues on our phone support and are working diligently to restore services. For support, please sign in and create a case or email for assistance

Password Manager 5.10 - Administration Guide

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview Secure Password Extension Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Password Change and Reset Process Overview Data Replication Phone-Based Authentication Service Overview
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Self-Service Workflows Helpdesk Workflows Notification Activities User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances Domain Connections Extensibility Features RADIUS Two-Factor Authentication Password Manager components and third-party applications Unregistering users from Password Manager Working with Redistributable Secret Management account Email Templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies One Identity Starling Reporting Password Manager Integration Appendixes Glossary

Obtaining Self-Service Site URL from Service Connection Point

Every Password Manager instance publishes its service connection points in Active Directory. Secure Password Extension uses service connection points to automatically locate the Self-Service site.

Service connection points are objects in Active Directory that hold information about services. Services can publish information about their existence by creating service connection points in Active Directory. Client applications use this information to find and connect to instances of the service. When an instance of Password Manager is installed, the Password Manager Service publishes its service connection points in Active Directory. To locate the server where the Self-Service site is deployed, Secure Password Extension uses the service connection points published by Password Manager Service instances in Active Directory.


  1. Password Manager instance publishes a service connection point in Active Directory.
  2. Secure Password Extension locates the service connection point.
  3. Secure Password Extension obtains the necessary data from the service connection point (URL path to the Self-Service site).
  4. Secure Password Extension opens the Self-Service site.

Changing Self-Service Site URL on the Administration Site

If you want to change the default Self-Service site URL published in service connection points, use the Administration site to specify a new URL. It may be necessary if you enabled HTTPS binding for the Self-Service site after Password Manager installation, or if you want Secure Password Extension to use the Self-Service site installed on a stand-alone server.

To change the Self-Service site URL

  1. Connect to the Administration site by typing the Administration site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdmin/.

    NOTE: When prompted to log in, provide your domain user name in a domainname\username format.

  2. On the menu bar, click General Settings, then click the Realm Instances tab.
  3. Click Edit under the service instance for which you want to specify a different Self-Service site URL.
  4. In the Edit Self-Service Site URL dialog, specify a new URL and click Save. The specified URL will then be published in service connection points.

Changing Self-Service Site URL in the Administrative Template

Another option to change the Self-Service URL used by Secure Password Extension is to use the administrative template prm_gina.admx located in \Password Manager\Setup\Template\Administrative Template\ folder of the installation CD.

The administrative template offers two options to override the automatic Self-Service site location: Specify URL path to the Self-Service site and Override URL path to the Self-Service site. If you want Secure Password Extension to use the specified URL only when service connection points are unavailable, for example when domain users access the Self-Service site from an external network, use the Specify URL path to the Self-Service site setting. If you want Secure Password Extension to always use the specified URL, enable the Override URL path to the Self-Service site setting after specifying the URL in the Specify URL path to the Self-Service site setting. The administrative template allows you to apply the settings to selected users.

For more information on how to apply administrative template, see Overriding Automatic Self-Service Site Location.

Launching User Notification

Every unique Password Manager instance creates a configuration storage account in Active Directory. Password Manager uses this account to store its configuration data. Secure Password Extension uses the account to launch user notification.

  1. Secure Password Extension locates the configuration storage account and obtains information on notification schedule.
  2. Secure Password Extension locates the user's account to check whether the user has been marked by the Password Manager scheduled task and should be notified to create or update his Questions and Answers profile.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating