Chat now with support
Chat with Support

Password Manager 5.14.3 - Administration Guide (AD LDS Edition)

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in a perimeter network Management Policy Overview Password Policy Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Data Replication Phone-Based Authentication Service Overview Configuring Management Policy
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Adding or cloning a new Management Policy Configuring Access to the Administration Site Configuring Access to the Password Manager Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Password Manager Self-Service Site workflows Helpdesk Workflows User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances AD LDS Instance Connections Extensibility Features RADIUS Two-Factor Authentication Internal Feedback Customizing help link URL Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Password Policies Enable 2FA for Administrators and Enable 2FA for HelpDesk Users Reporting Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Customization Options Overview Glossary

In-place upgrade from 5.8.2 or later versions to 5.14.3

This section describes how to perform an in-place upgrade from version 5.8.2 or later to version 5.14.3.

To in-place upgrade from version 5.8.2 or later versions to version 5.14.3

  1. From the autorun window of the installation media, click Install against Password Manager x64 option. Read the content and click Next.

  2. Read the content in the Risk of data loss! window and select I acknowledge the above instructions ,and then click Next.

  3. Select I accept the terms in License Agreement, then click Next.

  4. In the Configuration Backup window, provide the File Location and set a new password, and then click Next.

    NOTE: Do not forget to store the password securely as it is required to import the configuration post upgrade. The backup of the configuration data is now saved in the provided file location.

  5. In the Password Manager Service Account Information window, enter the account name and the password details, and then click Next.

  6. In the Specify Web Site and Application Pool Identity window, choose the website name, enter the account name and the password, and then click Next.

  7. After completing the above process, click Install.

Upon successful installation, the Password Manager installs the following sites:

  • Administration Site

  • Helpdesk Site

  • Password Manager Self-Service Site

NOTE: The above mentioned upgrade steps are not applicable for 5.7.1 or other lower versions.

Manual upgrade from 5.9.x or later versions

Uninstall Password Manager 5.9.x or later versions, then install Password Manager 5.14.3 on the computer where Password Manager 5.9.x or later versions was installed. For more information, see Upgrading Password Manager.

To manually upgrade from 5.9.x or later versions to version 5.14.3

  1. From the autorun window of the installation media, click Install against Password Manager x64 option. Read the content and click Next.

  2. Select I accept the terms in License Agreement check box, and then click Next.

  3. In the User Information page, enter the user details such as the username and the organization to which the user belongs to, and then click Next.

    • To verify licenses information, click Licenses…, then check the statuses of the license.

    NOTE: If the license has expired, click Browse license… and select the appropriate license to continue the Password Manager service.

  4. In the Custom Setup page, click the respective option that needs to be installed, and then click Next.

  5. In the Password Manager Service Account Information page, the account name appears by default. Enter the password, and then click Next.

    NOTE: To change the account name, click Browse… and select the appropriate Password Manager service account name.

  6. In the Specify Web Site and Application Pool Identity page, choose the website name, and in the Application pool identity section, the account name appears by default. Enter the password, and then click Next .

    NOTE: To change the account name, click Browse… and select the appropriate Application Pool Identity account name.

  7. After completing the above process, click Install.

Upon successful installation, the Password Manager installs the following sites:

  • Administration Site
  • Helpdesk Site
  • Password Manager Self-Service Site

NOTE:

  • Make sure that you have taken a back up of the current configuration settings. For more information, see To export configuration settings from Password Manager 5.7.1 or later versions.

  • After you uninstall Password Manager 5.7.1 or later versions, all configuration settings will be automatically detected by the new version. For more information on how to install Password Manager, see Installing Password Manager for AD LDS.

  • If you have multiple Password Manager instances installed, when upgrading them, you may experience the following issue: the Realm Instances page of the Administration Site displays an incorrect list of installed instances. After you upgrade all instances, the page will display the correct list.

IMPORTANT:

  • Switch to the Password Manager self Service site(Self-Service UI version 5.9.5 onwards) option is displayed only in case of in place upgrade.

Password Policies

About Password Policies

By default, an AD LDS instance applies existing local or domain password policies. If a server on which AD LDS is installed belongs to a workgroup, the server’s local password policy settings and account lockout settings are enforced. If the server on which AD LDS is running belongs to a domain, the password policy settings and account lockout settings from the domain are enforced.

You can use Password Manager to create additional password policies that define which passwords to reject or accept. For each policy, you can configure a number rules, for example, a password age rule, complexity and length rules, custom rule, and others. It is recommended to use the custom rule to display the settings of the local or domain password policy applied to the server on which AD LDS is running. For more information, see Custom Rule.

Password policy settings are stored in Group Policy objects (GPOs). A GPO is applied to a target Organizational Unit. Group Policy objects from parent containers are inherited by default. When multiple Group Policy objects are applied, the policy settings are aggregated. For information on how to apply a password policy and change the policy priority, see Managing Password Policy Scope.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating