Chat now with support
Chat with Support

Password Manager 5.7.1 - Administration Guide

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview Secure Password Extension Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Password Change and Reset Process Overview Data Replication Phone-Based Authentication Service Overview
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow Overview Custom Workflows Custom Activities Self-Service Workflows Helpdesk Workflows Notification Activities User Enforcement Rules
General Settings Upgrading Password Manager Secure Password Extension Password Policies Reporting Password Manager Integration Appendixes Glossary About us

Password Manager Components

Password Manager Components

Password Manager includes the following components:

Table 1:

 

Component

Description

Importance

Password Manager x86

The suite of role-based sites that expose the functionality of Password Manager to end users. Must be installed on a 32-bit machine.

Required

Password Manager x64

The suite of role-based sites that expose the functionality of Password Manager to end users. Must be installed on a 64-bit machine.

Required

Password Policy Manager x86

Password Policy Manager is designed to enforce domain password policies set with Password Manager. If you choose to install this component, you must install it on all domain controllers running a 32-bit Microsoft Windows Server operating system.

Optional

Password Policy Manager x64

Password Policy Manager is designed to enforce domain password policies set with Password Manager. If you choose to install this component, you must install it on all domain controllers running a 64-bit Microsoft Windows Server operating system.

Optional

Secure Password Extension x86

Secure Password Extension x86 facilitates access to the Self-Service site from the Windows logon screen and displays registration notifications. Secure Password Extension x86 is intended to be deployed on computers running 32-bit versions of Microsoft Windows operating systems.

Optional

Secure Password Extension x64

The Secure Password Extension facilitates access to the Self-Service site from the Windows logon screen and displays registration notifications. Secure Password Extension x64 is intended to be deployed on computers running a 64-bit operating system.

Optional

Offline Password Reset x86

Offline Password Reset enables users to use the offline password reset functionality provided by Password Manager. This functionality allows resetting passwords when users have forgotten their current passwords and their computers are not connected to the intranet (Active Directory is not available). Offline Password Reset x86 is intended to be deployed on computers running a 32-bit operating system.

Optional

Offline Password Reset x64

Offline Password Reset enables users to use the offline password reset functionality provided by Password Manager. This functionality allows resetting passwords when users have forgotten their current passwords and their computers are not connected to the intranet (Active Directory is not available). Offline Password Reset x64 is intended to be deployed on computers running a 64-bit operating system.

Optional

Migration Wizard (part of Password Manager 5.7.1)

Migration Wizard allows you to convert users' Questions and Answers profiles from 5.x.x to 5.7.1.

Optional

 

Licensing

The Password Manager license specifies the maximum number of user accounts enabled for management by Password Manager in all managed domains. When launching the Administration site, Password Manager counts the actual number of user accounts, and compares it with the maximum number specified by the license. If the actual number exceeds the maximum licensed number, a license violation occurs. A warning message is displayed on every connection to the Administration site of Password Manager.

In the event of a license violation, you have the following options:

Exclude a number of user accounts from the user accounts managed by Password Manager to bring your license count in line with the licensed value and reconnect to the Administration site to recalculate the license number.

Remove one or more managed domain to decrease the number of managed user accounts.

Purchase a new license with a greater number of user accounts, and then update your license using the instructions provided later in this section.

Note that the following items are not limited by the license:

The number of computers connected to the Administration, Self-Service, and Helpdesk sites of Password Manager.

The number of Password Manager instances in a large enterprise, Password Manager can be installed on multiple computers for enhanced performance and fault tolerance.

Installing the License

The license is initially installed when you install the Password Manager:

  1. In the Installation Wizard, click Licenses to display the License status dialog box.
  2. Click Browse license, locate and open your license key file using the Select License File dialog box, and then click Close.

Some license types may include counters for managed persons and managed external persons along with a counter for user accounts. Managed persons are users that have several accounts; for example, one managed person can have three user accounts. Managed external persons are external or temporary employees. The same license violation policy is applied to managed persons and managed external persons as to user accounts. To specify these user groups, use the corresponding license scopes after you install Password Manager.

Note, that such scopes are available only if your license includes managed persons and managed external persons.

To add a domain to the managed persons scope

  1. On the menu bar of the Administration site, click Licensing.
  2. On the Licenses page, click the Managed Persons tab.
  3. On the Scope of Managed Persons page, click Add domain connection.
  4. If domain connections already exist, select a domain connection from the list. If you want to create a new connection, click Add domain connection.
  5. If you selected to create the new domain connection, in the Add New Domain Connection dialog, configure access to the domain by doing the following:
    • In the Domain name text box, type the name of the domain that you want to register with Password Manager.
    • In the Domain alias text box, type the alias for the domain which will be used to address the domain on the Self-Service site.
    • To have Password Manager access the managed domain using the Password Manager Service account, select Password Manager Service account. Otherwise, select Domain management account, and then enter user name and password for the domain management account. Note, that if Password Manager Service account is used to access the domain, it should have the same permissions as the domain management account.

    For information on how to prepare a domain management account, see Configuring Permissions for Domain Management Account.

  6. Click Save.

To specify groups or OUs included in the scope of managed persons

  1. On the menu bar of the Administration site, click Licensing.
  2. On the Licenses page, click the Managed Persons tab.
  3. On the Scope of Managed Persons page, select the domain connection for which you want to specify groups or OUs and click Edit.
  4. Do the following:
    • To specify the groups, click Add under Groups included into the scope of managed persons.
    • To specify the OUs, click Add under Organizational units included into the scope of managed persons.
  5. Click Save.

To specify groups or OUs excluded from the scope of managed persons

  1. On the menu bar of the Administration site, click Licensing.
  2. On the Licenses page, click the Managed Persons tab.
  3. On the Scope of Managed Persons page, select the domain connection for which you want to specify groups or OUs and click Edit.
  4. Do the following:
    • To specify the groups, click Add under Groups excluded from the scope of managed persons.
    • To specify the OUs, click Add under Organizational units excluded from the scope of managed persons.
  5. Click Save.

You can use the procedures below to specify the scope of managed external persons.

To add a domain to the managed external persons scope

  1. On the menu bar of the Administration site, click Licensing.
  2. On the Licenses page, click the Managed External Persons tab.
  3. On the Scope of Managed External Persons page, click Add domain connection.
  4. If domain connections already exist, select a domain connection from the list. If you want to create a new connection, click Add domain connection.
  5. If you selected to create the new domain connection, in the Add New Domain Connection dialog, configure access to the domain by doing the following:
    • In the Domain name text box, type the name of the domain that you want to register with Password Manager.
    • In the Domain alias text box, type the alias for the domain which will be used to address the domain on the Self-Service site.
    • To have Password Manager access the managed domain using the Password Manager Service account, select Password Manager Service account. Otherwise, select Domain management account, and then enter user name and password for the domain management account. Note, that if Password Manager Service account is used to access the domain, it should have the same permissions as the domain management account.

    For information on how to prepare a domain management account, see Configuring Permissions for Domain Management Account.

  6. Click Save.

To specify groups or OUs included in the scope of managed external persons

  1. On the menu bar of the Administration site, click Licensing.
  2. On the Licenses page, click the Managed External Persons tab.
  3. On the Scope of Managed External Persons page, select the domain connection for which you want to specify groups or OUs and click Edit.
  4. Do the following:
    • To specify the groups, click Add under Groups included into the scope of managed external persons.
    • To specify the OUs, click Add under Organizational units included into the scope of managed external persons.
  5. Click Save.

To specify groups or OUs excluded from the scope of managed external persons

  1. On the menu bar of the Administration site, click Licensing.
  2. On the Licenses page, click the Managed External Persons tab.
  3. On the Scope of Managed External Persons page, select the domain connection for which you want to specify groups or OUs and click Edit.
  4. Do the following:
    • To specify the groups, click Add under Groups excluded from the scope of managed external persons.
    • To specify the OUs, click Add under Organizational units excluded from the scope of managed external persons.
  5. Click Save.

Updating the License

If you have purchased a new license, you need to update the license by installing the new license key file. You can use the About section of the Administration site to install the file.

To update the license

  1. On the menu bar of the Administration site, click Licensing.
  2. On the Licenses page, click Install License.
  3. Select the license key file.
  4. Click Save.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating