Chat now with support
Chat with Support

Password Manager 5.11.1 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Upgrading Password Manager Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Self-Service Workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Working with Redistributable Secret Management account Email Templates
Password Policies Enable S2FA for Administrators and Enable S2FA for HelpDesk Users Reporting Appendix A: Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Appendix C: Customization Options Overview Appendix D: Feature imparities between the legacy and the new Self-Service Sites Glossary

Remind Users to Create/Update Q&A Profiles

Remind Users to Create/Update Profiles

By using this enforcement rule, you can configure Password Manager to remind users to create or update their Q&A profiles. If you configure this enforcement rule, users will be notified by email.

For this enforcement rule you can configure multiple notification scenarios depending on the invitation date.

The notification is performed by the Reminder to Create/Update Profile scheduled task. Note that email notification starts only after this scheduled task has run. For more information on the scheduled tasks, see Reminder to Create/Update Profile Task.

IMPORTANT: To notify users by email, the Reminder to Create/Update Q&A Profile scheduled task should be enabled.

This enforcement rule is disabled by default. To enable the rule, on the Home page of the Administration site, expand the required enforcement rules section, click Remind Users to Create/Update Q&A Profiles, and then click Enable.

To configure this enforcement rule, you must specify a user scope and notification scenarios.

To configure the enforcement rule user scope

  1. Connect to the Administration site by typing the Administration site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdminADLDS/.

    NOTE: When prompted to log in, provide your domain user name in a domainname\username format.

  2. Select the Management Policy you want to modify.
  3. Expand the Enforcement Rules section and click Remind Users to Create/Update Q&A Profiles.
  4. To set the user scope of this rule, click Configure under Configure the rule’s scope, specify the following settings and click Save:
Table 12: Configure the scope of the rule

Option

Description

Users from the user scope of the Management Policy

Select this option to include all users from the Management Policy user scope to the enforcement rule scope.

The following users

Select this option to specify groups included to and excluded from the enforcement rule scope.

Users included both in the Management Policy user scope and the following groups

Specify groups included in the enforcement rule scope. Note, that only users belonging both to the Management Policy user scope and the specified groups will be included in the enforcement rule scope. To browse for groups, click Add, select the required groups and click Save.

Users excluded from the rule’s scope

Specify groups excluded from the enforcement rule scope. To browse for groups, click Add, select the required groups and click Save.

To configure notification scenarios

  1. Connect to the Administration site by typing the Administration site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdminADLDS/.

    NOTE: When prompted to log in, provide your domain user name in a domainname\username format.

  2. Select the Management Policy you want to modify.
  3. Expand the Enforcement Rules section and click Remind Users to Create/Update Q&A Profiles.
  4. To add a new notification scenario, click Add, or to modify an existing notification scenario click Edit in the Apply the following notification scenarios to users from the rule’s scope section.
  5. In the User was invited to create/update Q&A profile N days ago option, enter the required number of days to apply this enforcement rule to users who were invited to register with Password Manager or update their Q&A profiles the specified number of days ago. Click Next.
  6. Edit the email notification template if necessary. Specify the following settings if required and click OK:
    • To define the default notification language, click the language link next to the Default language option and select the required language.
    • To specify the notification text in another language, click Add new language and select the required language. Notification templates in 17 languages are available out of the box (English, Chinese (Simplified), Chinese (Traditional), Danish, Dutch, French, German, Italian, Japanese, Korean, Portuguese (Brazil), Portuguese (Portugal), Russian, Spanish, Polish, Czech, Swedish).

    IMPORTANT: To send email notifications to users, you must specify an outgoing mail server (SMTP server). For more information on how to configure the SMTP server, see Outgoing Mail Servers.

Remind Users to Change Password

By using this enforcement rule you can configure Password Manager to notify users about password expiration. If you configure this notification, users will be notified by email.

The notification schedule is defined by the Reminder to Change Password scheduled task. Note that notification starts only after this scheduled task has run. For more information on the scheduled tasks, see Reminder to Change Password Task.

IMPORTANT: If you disable the Reminder to Change Password scheduled task, users will not be reminded of password expiration.

To enable the rule, on the Home page of the Administration site, expand the required enforcement rules section, click Remind Users to Change Password, and then click Enable.

To configure this enforcement rule, you must specify a user scope, conditions when an email notification should be sent and an email notification text.

To configure this rule

  1. Connect to the Administration site by typing the Administration site URL in the address bar of your Web browser. By default, the URL is http://<ComputerName>/PMAdminADLDS/.

    NOTE: When prompted to log in, provide your domain user name in a domainname\username format.

  2. Select the Management Policy you want to modify.
  3. Expand the Enforcement Rules section and click Remind Users to Change Password.
  4. To set the user scope of this rule, click Configure under Configure the rule’s scope, specify the following settings and click Save:
Table 13: Configure the scope of rule

Option

Description

Users from the user scope of the Management Policy

Select this option to include all users from the Management Policy user scope to the rule’s scope.

The following users

Select this option to specify groups included to and excluded from the rule’s scope.

Users included both in the Management Policy user scope and the following groups

Specify groups included in the rule’s scope. Note, that only users belonging both to the Management Policy user scope and the specified groups will be included in the rule’s scope. To browse for groups, click Add, select the required groups and click Save.

Users excluded from the rule’s scope

Specify groups excluded from the rule’s scope. To browse for groups, click Add, select the required groups and click Save.

  1. To specify the conditions under which users should be notified to change their passwords, click Configure under Notify users who meet the following condition, specify the number of days before password expiration and click OK.
  2. To edit the notification template, use a WYSIWYG editor in the Configure email notification section.
  3. To define the default notification language, click the language link next to the Default language option and select the required language.
  4. To specify the notification text in another language, click Add new language and select the required language. Notification templates in 17 languages are available out of the box (English, Chinese (Simplified), Chinese (Traditional), Danish, Dutch, French, German, Italian, Japanese, Korean, Portuguese (Brazil), Portuguese (Portugal), Russian, Spanish, Polish, Czech, Swedish). The language of the notification message corresponds to the language of a user’s Q&A profile. If the corresponding language is not available, the notification message is sent in the default language.
  5. Click Save.

IMPORTANT: To send email notifications to users, you must specify an outgoing mail server (SMTP server). For more information on how to configure the SMTP server, see Outgoing Mail Servers.

General Settings

General Settings Overview

This section outlines the procedures required to configure general settings that apply to all created Management Policies, such as:

  • Search and logon options
  • Import/export of configuration settings
  • Outgoing mail servers
  • Diagnostic logging
  • Scheduled tasks
  • Web interface customization
  • Reinitialization
  • Realm instances
  • AD LDS instance connections
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating