Chat now with support
Chat with Support

Password Manager 5.14.3 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in a perimeter network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Adding or cloning a new Management Policy Configuring Access to the Administration Site Configuring Access to the Password Manager Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Password Manager Self-Service Site workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Customizing help link URL Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Password Policies Enable 2FA for Administrators and Enable 2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Customization Options Overview Glossary

Manage My Profile

The Manage My Profile workflow allows the administrator to manage user profiles in Active Directory by using the Administration Site. Manage My Profile uses settings of Register workflow.

Use this workflow only if the user's Questions and Answers profile is pending for update.

To configure the Manage My Profile workflow

  1. Select Manage My Profile workflow in the Password Manager Administration Site.

  2. Click Settings.

  3. Select Run this activity only if user's profile should be updated.

NOTE: In case of an upgrade from 5.8.2 to 5.9.x, if the user is registered with Personal Contact Method(Mobile) in 5.8.2, then the user will be prompted to re-enter the country code as well as the mobile number, the very first-time (post-upgrade to 5.9.x) while trying to update the profile through the Manage My Profile workflow.

Forgot My Password

You can use this workflow to configure the Forgot My Password task for the Self-Service Site. The Forgot My Password task allows users to reset passwords for their accounts in AD LDS and in connected data sources (if integration with One Identity Quick Connect Sync Engine is configured) by using the Self-Service Site. For more information on using One Identity Quick Connect Sync Engine, see Reset Password in AD LDS and Connected Systems.

IMPORTANT: To display password policies on the Self-Service Site when users reset passwords, add connections to AD LDS instances on the Password Policies tab of the Administration Site. For more information see Creating a Password Policy.

The default configuration of this workflow is the following:

  1. Authentication Methods

  2. Lock Q&A profile.

  3. Reset password in AD LDS.

  4. Restart workflow if error occurs.

  5. Email user if workflow succeeds.

  6. Email user if workflow fails.

Manage My Passwords

You can use this workflow to configure the Manage My Passwords task for the Self-Service Site. By using this task, users can manage passwords for their accounts in AD LDS and in connected data sources (if integration with One Identity Quick Connect Sync Engine is configured), by using the Self-Service Site. For more information on using One Identity Quick Connect Sync Engine, see Change Password in AD LDS and Connected Systems.

IMPORTANT: To display password policies on the Self-Service Site when users change passwords, add the required application director partitions on the Password Policies tab of the Administration Site. For more information see Creating a Password Policy.

The default configuration of this workflow is the following:

  1. Authenticate with password.

  2. Change password in AD LDS.

  3. Restart workflow if error occurs.

  4. Email user if workflow succeeds.

  5. Email user if workflow fails.

Unlock My Account

You can use this workflow to configure the Unlock My Account task for the Self-Service Site. Users use this task to unlock their accounts if they are locked out.

The default configuration of this workflow is the following:

  1. Authentication Methods

  2. Lock Q&A profile.

  3. Unlock account.

  4. Restart workflow if error occurs.

  5. Email user if workflow succeeds.

  6. Email user if workflow fails.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating