Chat now with support
Chat with Support

Password Manager 5.14.3 - Administration Guide

About Password Manager Getting started Password Manager architecture
Password Manager components and third-party applications Typical deployment scenarios Password Manager in a perimeter network Management Policy overview Password policy overview Secure Password Extension overview reCAPTCHA overview User enrollment process overview Questions and Answers policy overview Password change and reset process overview Data replication Phone-based authentication service overview
Management policies
Checklist: Configuring Password Manager Understanding Management Policies Adding or cloning a new Management Policy Configuring access to the Administration Site Configuring access to the Password Manager Self-Service Site Configuring access to the Helpdesk Site Configuring Questions and Answers policy Workflow overview Custom workflows Custom activities Password Manager Self-Service Site workflows Helpdesk workflows Notification activities User enforcement rules
General Settings
General Settings overview Search and logon options Importing and exporting configuration settings Outgoing mail servers Diagnostic logging Scheduled tasks Web Interface customization Instance reinitialization Realm Instances Domain Connections Extensibility features RADIUS Two-Factor Authentication Internal Feedback Customizing help link URL Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable 2FA for administrators and helpdesk users Reporting Password Manager integration Accounts used in Password Manager Open communication ports for Password Manager Customization options overview Glossary

Enable Account

Use this activity to enable users’ disabled accounts. You can use the activity in different workflows. It is recommended to place this activity after authentication activities in a workflow.

NOTE: If you want to enable only the user accounts disabled through force enrollment, in the activity settings, select Enable user accounts disabled by force enrollment check box.

For example, to enable users with disabled accounts to reset passwords and enable their accounts, you can use the Enable Account activity in the Forgot My Password workflow:

  1. Authenticate user with Q&A profile.

  2. Enable account.

  3. Reset password in Active Directory.

  4. Restart workflow if error occurs.

  5. Email user if workflow succeeds.

  6. Email user if workflow fails.

Force user to change password at next logon

Use this activity when users want to change their passwords during the next logon.

For example, you can use this activity in the Reset Password workflow and can force users to change passwords at the next logon once the password has been reset by a helpdesk operator.

To allow users to change password at the next logon, the helpdesk operator must select Helpdesk operators can choose whether to force users to change password at next logon check box available in the Force user to change password at next logon activity.

It is recommended to place this activity after the Reset Password activity in a workflow.

Assign Passcode

This activity is a core activity of the Assign Passcode workflow. It allows helpdesk operators to assign a passcode to the user who has forgotten password and is not yet registered with Password Manager or has forgotten answers to secret questions.

This activity has the following settings:

  • Passcode length: Specify how many characters a passcode must contain.

  • Passcode lifetime: Specify how long a passcode issued by helpdesk operators is valid.

Select the Generate Passcode and send it in SMS checkbox to send the passcode via SMS or select the Generate Passcode and send it in e-mail to send the passcode in e-mail to the user's device to authenticate on the Password Manager Self-Service Site.

NOTE: To select Generate Passcode and send it in SMS, you must have a valid license with telephone verification. To select Generate Passcode and send it in e-mail, you must configure at least one SMTP server.

Unlock Q&A Profile

This activity is a core activity of the Unlock Q&A Profile workflow. It allows helpdesk operators to unlock users’ Questions and Answers profiles using the Helpdesk Site.

You do not need to configure any settings for this activity.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating