Chat now with support
Chat with Support

Password Manager 5.12.3 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Upgrading Password Manager Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Self-Service Workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Working with Redistributable Secret Management account Email Templates
Password Policies Enable S2FA for Administrators and Enable S2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Open Communication Ports for Password Manager for AD LDS Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Glossary

Reporting Services Firewall Issues

If Password Manager fails to operate properly when Reporting Services are separated from Password Manager by a firewall, specific ports should be open in the firewall.

To get the complete list of Password Manager server port numbers, that have to be open for the application to function properly, see Appendix B: Open Communication Ports for Password Manager for AD LDS.

 

Accounts Used in Password Manager for AD LDS

The following accounts can be used in Password Manager:

  • Password Manager Service account

  • Application pool identity

  • Access account for AD LDS

  • Password policy account

  • Account for One Identity Quick Connect

Password Manager Service Account

Password Manager Service account is used to install Password Manager. For Password Manager to run successfully, Password Manager Service account must be a member of the Administrators group on the Web server where Password Manager is installed.

Application Pool Identity

Application pool identity is an account under which the application pool's worker process runs. The account you specify as the application pool identity during Password Manager setup will be used to run Password Manager Web sites.

Application pool identity account must meet the following requirements:

  • This account must be a member of the IIS_IUSRS local group on the Web server in IIS 7.0.
  • This account must have permissions to create files in the <Password Manager installation folder>\App_Data folder.
  • Application pool identity account must the full control permission set for the following registry keys: HKEY_LOCAL_MACHINE\SOFTWARE\One Identity\Password Manager for AD LDS.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating