Chat now with support
Chat with Support

Password Manager 5.13.0 - Administration Guide

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview Secure Password Extension Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Password Change and Reset Process Overview Data Replication Phone-Based Authentication Service Overview
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Self-Service Workflows Helpdesk Workflows Notification Activities User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances Domain Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email Templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable S2FA for Administrators & Enable S2FA for HelpDesk Users Reporting Password Manager Integration Accounts Used in Password Manager Open Communication Ports for Password Manager Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Glossary

Simple Deployment

 

In this scenario, you install all main Password Manager components, that is, the Password Manager Service, Administration, Self-Service and Helpdesk sites on a single server. This is the simplest deployment scenario, which can be used in small environments and for demonstration purposes.

Deployment of the Legacy Self-Service, Password Manager Self-Service site and Helpdesk Sites on Standalone Servers

Deployment of the Legacy Self-Service, Password Manager Self-Service and Helpdesk Sites on Standalone Servers

In this scenario, you install the Legacy Self-Service site, Password Manager Self-Service site, Helpdesk site, or both on a standalone server. Note that the Administration site cannot be installed separately from the Password Manager Service.

You can use this scenario to deploy Password Manager in an environment with a perimeter network. Installation of the Legacy Self-Service site or the Password Manager Self-Service site in the perimeter network enhances the security of your environment while preventing access to your internal network.

When deploying Password Manager in an environment with the perimeter network, it is recommended to do a full installation of Password Manager in the internal corporate network, and then install the Self-Service site in the perimeter network.

When you use this installation scenario, only one port should be open in the firewall between the corporate network and the perimeter network (by default, port number 8081 for the Legacy Self-Service site or Password Manager Self-Service site).

Realm Deployment

 

In this scenario, you install several Password Manager Services on separate servers. If all the instances of Password Manager share the same configuration (management policies, general settings, password policies, encryption algorithm, encryption key length, hashing algorithm, attribute for storing configuration data, and realm affinity ID), they are referred to as a realm.

The realm provides for high availability of the service, load balancing, and fault tolerance.

For Password Manager Service instances installed on separate servers, you can use a load balancer to enhance service availability.

To create the Password Manager realm, you need to create replicas of an existing instance by exporting settings from this instance and importing the settings to a new instance.

For more information on how to create realms, see Import/Export Configuration Settings .

Multiple Realm Deployment

 

In this scenario, you deploy several Password Manager realms in your environment. You can use this scenario in a complex environment, when several Password Manager configurations are required.

For example, a service provider can deploy two Password Manager realms, one realm to service company A, and the other to company B.

You can also use this scenario for a test deployment of Password Manager. In this case, the first realm is a production deployment of Password Manager, and the second realm can be used for testing purposes.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating