Chat now with support
Chat with Support

Password Manager 5.13.1 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in a perimeter network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Legacy Self-Service Site and Password Manager Self-Service site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Legacy Self-Service or Password Manager Self-Service site workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email Templates
Upgrading Password Manager Password Policies Enable 2FA for Administrators and Enable 2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Glossary

Legacy Self-Service or Password Manager Self-Service site workflows

The Password Manager Self-Service site has all functionality similar to the Legacy Self-Service site with a new and improved user interface. The Password Manager Self-Service site can co-exist along with the already existing Self-Service site and you can select to revert anytime to the Legacy Self-Service site.

By configuring the self-service workflows you can specify what tasks will be available for users on the Self-Service site, and configure options for each available task. Preconfigured self-service workflows are available out of the box. You can always customize the workflow, add activities to or remove them from the workflow. You can also create custom activities and custom workflows. For more information, see Custom workflows and Custom Activities.

The following are the available built-in self-service workflows:

  • Register

  • Manage My Profile

  • Forgot My Password

  • Manage My Passwords

  • Unlock My Account

  • My Notifications

  • I Have a Passcode

All built-in workflows have required activities and are ready-to-use.

The self-service workflows correspond to the tasks on the Self-Service site. If you enable a self-service workflow, the corresponding task will be available to users on the Self-Service site.

The self-service workflows provide the ability to combine different authentication options in a single workflow. For example, you can configure the authentication activities so that all secret questions are displayed on a single page, or only one secret question is displayed at a time. You can combine different authentication options such as authentication with Questions and Answers profile, Defender and phone-based authentication in a single workflow.


Use this workflow to select which registration methods to display on the User site.

Select registration mode allows the administrator to configure, which registration methods are allowed for registration to the users. Following are the three methods available for the users to register.

  • Corporate Authentication

  • Security Questions

  • Personal contact method: Email and Mobile

The selected options will be added in the Password Manager User site.

NOTE: When the administrator select registration method(s), only the respective authentication methods are visible to the administrator in Authentication methods.

Select one of the radio buttons to set the method as mandatory registration method. The administrator can set a method mandatory from Select the registration method that must be set as the mandatory registration method for users in the User site. When the administrator selects a method as mandatory, it is compulsory for users for registration in the User site. To set as mandatory registration method for the users in the Password Manager User site, select one of the following options.

  • Corporate Authentication

  • Security Questions

  • Personal contact method: Email and Mobile

  • Allow user to choose

Configuring country code drop-down menu

You can configure the options to add, remove, or modify the country code drop-down menu.

To modify the view of the drop-down menu to display the country name or the country code, navigate to the location where Password Manager is installed. Open the QPM.Service.Host.exe.config file. Add the required details in the <CountryConfig ShowWith="Attribute"> tag, where <"Attribute"> can be CountryName or CountryCode.

To add a new country code, provide the required details in the <add CountryName="<required country name>" CountryCode="<required country code>" ISDCode="<required ISD code>">.

Restart the Password Manager service to view the updates in the country code drop-down menu.

Manage My Profile

The Manage My Profile workflow allows the administrator to manage user profiles in Active Directory by using the Admin site. Manage My Profile uses settings of Register workflow.

Use this workflow only if the user's Questions and Answers profile is pending for update.

To configure the Manage My Profile workflow

  1. Select Manage My Profile workflow in the Password Manager Administration site.

  2. Click Settings.

  3. Select Run this activity only if user's profile should be updated.

NOTE: In case of an upgrade from 5.8.2 to 5.9.x, if the user is registered with Personal Contact Method(Mobile) in 5.8.2, then the user will be prompted to re-enter the country code as well as the mobile number, the very first-time (post-upgrade to 5.9.x) while trying to update the profile through the Manage My Profile workflow.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating