Chat now with support
Chat with Support

Password Manager 5.14.3 - Administration Guide

About Password Manager Getting started Password Manager architecture
Password Manager components and third-party applications Typical deployment scenarios Password Manager in a perimeter network Management Policy overview Password policy overview Secure Password Extension overview reCAPTCHA overview User enrollment process overview Questions and Answers policy overview Password change and reset process overview Data replication Phone-based authentication service overview
Management policies
Checklist: Configuring Password Manager Understanding Management Policies Adding or cloning a new Management Policy Configuring access to the Administration Site Configuring access to the Password Manager Self-Service Site Configuring access to the Helpdesk Site Configuring Questions and Answers policy Workflow overview Custom workflows Custom activities Password Manager Self-Service Site workflows Helpdesk workflows Notification activities User enforcement rules
General Settings
General Settings overview Search and logon options Importing and exporting configuration settings Outgoing mail servers Diagnostic logging Scheduled tasks Web Interface customization Instance reinitialization Realm Instances Domain Connections Extensibility features RADIUS Two-Factor Authentication Internal Feedback Customizing help link URL Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable 2FA for administrators and helpdesk users Reporting Password Manager integration Accounts used in Password Manager Open communication ports for Password Manager Customization options overview Glossary

Email templates

Password Manager provides the option to set the default template for confirmation e-mail. To send an auto generated email to user if workflow succeeds or fails, configure the email template from the General Settings tab for authentication.

To configure default e-mail template:

  1. On the home page of the Administration Site, click General Settings, then click the Email Template tab.

  2. Select the desired language from the Select language to customize template drop-down menu, to customize the email template.

  3. Click the + sign before the desired workflow to edit the template. Edit the subject and body of the notification template in the default language as required. When editing the notification template, you can use the parameters available in the notification editor, for example #USER_ACCOUNT_NAME#, #WORKFLOW_RESULT#, and others.

  4. In the Message format drop-down, select the format to use for the notifications. You can select from two options: either HTML or Plain text.

  5. Select the default language from the Select default language for email drop down menu, to select the default email template to send to the user.

  6. In the User notification settings, select one of the following options for user notification subscription:

    • Subscribe users to this notification. Allow users to unsubscribe.

    • Subscribe users to this notification. Do not allow users to unsubscribe.

    • Do not subscribe users to this notification. Allow users to subscribe to this notification.

  7. Click Save, to save the settings

Upgrading Password Manager

Upgrade requirements

Before you start the upgrade process, follow this checklist to ensure you have made the necessary preparations and met the essential upgrade requirements.

Table 13: Upgrade checklist

Step

Comment

Back up the current configuration by doing one of the following:

  • Export the configuration file using the Import/Export option in General Settings and import the same file after the upgrade.
  • Create a copy of the ProgramData folder in the C:\ProgramData\One Identity\Password Manager for future reference.

UI customizations will be lost during upgrade. Follow the steps to save the configuration. For more information on saving the configuration, see Importing and exporting configuration settings.

Ensure that you installed or upgraded the third-party redistributable packages required for the latest version of Password Manager.

 

Ensure that you know the user name and password for domain management accounts.

For more information on what permissions are required for a domain management account, see Configuring permissions for domain management account.

Ensure that Password Manager Service account is a member of the Administrators group on the Web server where Password Manager is installed.

 

Ensure that in IIS 7.0 or later, application pool identity account is a member of the IIS_IUSRS local group. This account must also have permissions to create files in the <Password Manager installation folder>\App_Data folder.

 

Ensure that you know the user name and password for SQL database account.

That is needed only if Password Manager Service account is configured to use special SQL account (different from Password Manager Service account) to access the SQL database.

Ensure that the account, that is used to upgrade Password Manager, is a member of the local Administrators group on the server where you upgrade the product.

 

Ensure that the account, that is used to upgrade Password Manager, is a member of the database creators (db_creator) fixed role on the SQL server hosting the Password Manager configuration database.

 

About Secure Password Extension

Secure Password Extension is an application that provides access to the complete functionality of the Self-Service Site from the Windows logon screen. Secure Password Extension also provides dialogs displayed on end-user computers, these dialogs notify users who must create or update their Questions and Answers profiles.

Secure Password Extension is included on the installation CD and is deployed through Group Policy. For information on how to deploy and configure Secure Password Extension on end-user workstations in the managed domain, see Deploying and configuring Secure Password Extension.

IMPORTANT: Secure Password Extension may be deployed on different workstations by applying different GPOs. This allows you to not upgrade Secure Password Extension on all the workstations at one time, but do it in several steps depending on your needs and preferences.

You can centrally upgrade workstations to the latest version of Secure Password Extension by assigning the software for deployment using Group Policy. It is recommended to remove the existing MSI package from the Software installation list, and then assign the latest-version package.

IMPORTANT: By default, Secure Password Extension uses the URL of the Self-Service Site installed on the computer where Password Manager Service runs. You can modify the URL on the General Settings|Realm Instances page of the Administration Site.

To remove the existing and assign a latest-version package

  1. Remove the assigned package (Quest Secure Password Extension x86.msi or Quest Secure Password Extension x64.msi) from the list of software to be installed.

  2. Add the latest-version MSI packages to the list of software to be installed.

When upgrading Secure Password Extension, do not forget to upgrade the prm_gina.admx administrative template with the one located in the \Password Manager\Setup\Template\Administrative Template\ folder of the installation media.

During upgrade of prm_gina.admx administrative template, the previously made template settings are preserved and picked up by newer versions.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating