Another option to change the Self-Service URL used by Secure Password Extension is to use the administrative template prm_gina.adm or prm_gina.admx located in \Password Manager\Setup\Administrative Template\ folder of the installation CD.
The administrative template offers two options to override the automatic Self-Service site location: Specify URL path to the Self-Service site and Override URL path to the Self-Service site. If you want Secure Password Extension to use the specified URL only when service connection points are unavailable, for example when domain users access the Self-Service site from an external network, use the Specify URL path to the Self-Service site setting. If you want Secure Password Extension to always use the specified URL, enable the Override URL path to the Self-Service site setting after specifying the URL in the Specify URL path to the Self-Service site setting. The administrative template allows you to apply the settings to selected users.
For more information on how to apply administrative template, see Overriding Automatic Self-Service Site Location.
Every unique Password Manager instance creates a configuration storage account in Active Directory. Password Manager uses this account to store its configuration data. Secure Password Extension uses the account to launch user notification.
This section describes the prerequisites and steps for deploying and configuring Secure Password Extension to provide access to the Self-Service site from the Windows logon screen on end-user computers. Secure Password Extension also provides dialog boxes displayed on end-user computers, these dialog boxes notify users who must create or update their Questions and Answers profiles with Password Manager.
Secure Password Extension is deployed on client computers through Group Policy. You can create a new Group Policy object (GPO) or use an existing one to assign the installation package with Secure Password Extension for installing it on the destination computers. Secure Password Extension is then installed on computers to which the GPO applies. Depending on the operating system running on the destination computers, you must apply either of the following installation packages included on the installation CD:
You can modify the behavior and on-screen appearance of Secure Password Extension components by configuring an administrative template's settings, and then applying the template to the target computers through Group Policy.
The administrative template is available in two formats: prm_gina.adm and prm_gina.admx.
The prm_gina.adm administrative template file is located in the \Password Manager\Setup\Administrative Template\ folder of the installation CD. Before using the file, copy it from the installation CD. The recommended target location is the \inf subfolder of the Windows folder on a domain controller.
The prm_gina.admx administrative template file is located in the \Password Manager\Setup\Administrative Template\ folder of the installation CD. This administrative template is designed to be used with Windows Server 2008 R2 or later operating systems. Before using this administrative template, copy the prm_gina.admx and prm_gina.adml files from the installation CD to the following locations: %systemroot%\policyDefinitions (for the prm_gina.admx file) and %systemroot%\policyDefinitions\En-US (for the prm_gina.adml file).
Follow the steps below to configure and deploy the Secure Password Extension on end-user computers.
To deploy and configure Secure Password Extension