Chat now with support
Chat with Support

Password Manager 5.13.1 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in a perimeter network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Legacy Self-Service Site and Password Manager Self-Service site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Legacy Self-Service or Password Manager Self-Service site workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email Templates
Upgrading Password Manager Password Policies Enable 2FA for Administrators and Enable 2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Glossary

TeleSign

TeleSign is a service that provides phone-based authentication for Password Manager users. To enable the TeleSign service, it must be covered by your license and the administrator must configure the Authenticate via Phone activity and include the activity in corresponding workflows. If TeleSign is enabled, when performing a task on the Self-Service or Helpdesk site, users will be prompted to select their phone number, to which a one-time code will be sent by TeleSign, and then enter the code on the site for verification.

TeleSign service is available anywhere where users can receive calls or text messages. To receive verification codes, users do not need to install any applications on their phones.

To communicate with TeleSign, Password Manager uses REST API.

For more information, see Phone-Based Authentication Service Overview.

SQL Server Database and SQL Server Reporting Services

Using a SQL database and SQL Server Reporting Services you can manage reports that allow you to analyze how the application is used.

The available out-of-the-box reports help you track user registration activity, Helpdesk tasks, user statuses, and so on.

For more information, see Reporting and User Action History Overview.

One Identity Quick Connect Sync Engine

One Identity Quick Connect Sync Engine is a One Identity product that provides unified identity and access management. Integrating Password Manager with Quick Connect Sync Engine allows you to enable users and Helpdesk operators to manage their passwords across different connected data sources.

To use Quick Connect Sync Engine, configure Change password in Active Directory and connected systems or Reset password in Active Directory and connected systems activities.

To communicate with Quick Connect Sync Engine, Password Manager uses Transmission Control Protocol (TCP).

For more information, seeReset Password in AD LDS and Connected Systems.

Defender

IMPORTANT: Authenticating with Defender is an activity not supported with the current release of Password Manager AD LDS.

Defender is a One Identity product that provides two-factor authentication. Defender uses one-time passwords generated by special hardware or software tokens. If Password Manager is integrated with Defender, users can use one-time passwords to authenticate themselves on the Self-Service Site.

To use Defender with Password Manager, install the Defender Client SDK on the server on which Password Manager Service is installed.

For more information, see Authenticate with Defender.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating