Chat now with support
Chat with Support

Password Manager 5.13.1 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in a perimeter network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Legacy Self-Service Site and Password Manager Self-Service site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Legacy Self-Service or Password Manager Self-Service site workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email Templates
Upgrading Password Manager Password Policies Enable 2FA for Administrators and Enable 2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Glossary

System Requirements for Using reCAPTCHA

To be able to use reCAPTCHA on the Password Manager sites, make sure the following requirements are met:


Use the following resource for additional information on the reCAPTCHA service:

User Enrollment Process Overview

To enforce users to register with Password Manager you can use two enforcement rules: Invite users to create/update Q&A profiles and Remind users to create/update Q&A profiles.

To start the enrollment process, you need to enable and configure the Invite users to create/update Q&A profiles rule. This rule sends email notifications to the users specified in the rule’s scope, inviting them to create or update their Q&A profiles. When configuring email notifications for this rule, you can insert a hyperlink to the Self-Service site. To add the hyperlink, enter the required URL in the email notification body. For example, Note, that you cannot specify the hyperlink text.

To configure the Invite users to create/update Q&A profiles enforcement rule, you need to specify the conditions under which users should be notified. For example, users are not registered with Password Manager, users’ answers are shorter than required or users have specified the same answers for several questions. These conditions correspond to the Q&A profile settings that are part of the Q&A policy. For more information, see Configuring Q&A Profile Settings. For more information on configuring this enforcement rule, see Invite Users to Create/Update Profiles.

Note that only one email notification is sent to each user. If you want to remind users that they should register with Password Manager or update their Q&A profiles and send multiple emails, enable and configure the Remind users to create/update Q&A profiles enforcement rule.

The Remind users to create/update Q&A profiles enforcement rule can notify users via email. When configuring this rule, you can specify several notification scenarios. For each scenario, you should set the time period since the invitation date.

For more information on configuring this enforcement rule, see Remind Users to Create/Update Profiles.

If you want to configure different notification scenarios for different user groups, you can create several Management Policies, and within each Management Policy configure the Remind users to create/update Q&A profiles enforcement rule appropriately for different user groups.

Questions and Answers Policy Overview

Questions and Answers policy consists of secret questions and Q&A profile settings. Secret questions are questions that users must answer to create their profiles and then use the profiles for authentication. You can create question lists in multiple languages. Each question list contains mandatory, optional, and helpdesk questions. When creating profiles, users must answer all mandatory and helpdesk questions, and a specified number of optional and user-defined questions. You can specify the required number of question in the Q&A profile settings.

When authenticating on the Self-Service site with Q&A profiles, users can use mandatory, optional and user-defined questions from their profiles. When a helpdesk operator authenticates users, the operator can use mandatory and helpdesk questions from users’ profiles.

Q&A profile settings are a collection of settings that define the number of user-defined and optional questions required for registration, minimum length of answers, encryption setting for storing answers, and others.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating