Password Manager Helpdesk Site Integration
Password Manager Helpdesk Site Integration
Follow the steps below to integrate the Password Manager Helpdesk site with Active Roles Web Interface.
To integrate Password Manager Helpdesk site with Active Roles Web Interface
- On the Home page of the Web Interface site, click Customization.
- Click Customization Tasks, and then, click List Existing Menus on the left pane.
- In the right pane, click User.
- Click Create New Command.
- In the right pane, select Page View Task and then click Next.
- Type a name for the new item and the URL of the page you want the new item to open. Type any text to display in the item area, and change the picture for the item.
The URL must be entered in the following format: https://COMPUTER_NAME/PMHelpdesk/EntryPoint/?Integrated=Yes&ActionName=<ActionName>, where COMPUTER_NAME is the name of the server where Password Manager resides, and <ActionName> is one of the following:
- ResetPassword - specify this action to enable Active Roles Web Interface operators to reset user passwords.
- ManageQAProfile - specify this action to enable Active Roles Web Interface operators to manage user Questions and Answers profile in Password Manager.
- AssignPasscode - specify this action to enable Active Roles Web Interface operators to generate passcodes for users.
- UnlockAccount - specify this action to enable Active Roles Web Interface operators to unlock user’s accounts.
- Authentication - specify this action to enable Active Roles Web Interface operators to authenticate users.
Replace https:// with http:// if you do not use HTTPS.
|
IMPORTANT: It is strongly recommended that you enable HTTPS on the Password Manager server. |
- Click Finish.
- Click Save to save the changes to ARS Web Interface.
- Click Reload link that appears in the upper part of the window, to publish the customization changes to the Web Interface site.
- Click Directory Management.
- Select the corresponding domain and the user for whom you want to perform a password management task. The item you have created will be shown in the Command Menu.
Note, when you choose a user for a password management task, after clicking the created command you will be required to enter the user name and password of a helpdesk operator included in the helpdesk scope to access the Helpdesk site.
For more information on how to customize Active Roles Web Interface please refer to Active Roles documentation.
Quest Enterprise Single Sign-On (QESSO)
This section includes the information on how to configure Password Manager for use with Quest Enterprise Single Sign-On (QESSO). To implement the guidance in this section, you must have a working knowledge of Quest Enterprise Single Sign-On (QESSO).
Quest Enterprise Single Sign-on is a solution that provides users with the ability to access all applications on their desktop using a single user ID and password. After users have logged in, they can access password-protected applications on their desktop without the need to enter any further account details.
If an application requires login name and password to be entered, QESSO will remember the entered details. When the application is next started, QESSO will automatically enter the required login name and password.
The account details for password-protected applications are encrypted by using user logon password. When user resets or changes this password, the encrypted data is lost. To prevent data loss, Password Manager should be configured to notify QESSO about password changes and QESSO will re-encrypt the data using new password.
To enable QESSO integration
- Run the QESSO Client 32-bit or 64-bit wizard on the server where Password Manager resides. The wizard is located on the Individual Components tab of QESSO Autorun CD.
- Follow the wizard instructions.
- Install at least one of the following QESSO components on the server running a Password Manager instance:
- Restart the Password Manager Service.
- On the Administration site, open workflows for which you want to configure integration with QESSO. QESSO integration settings can be found in the following activities:
- Reset password in Active Directory
- Change password in Active Directory
- Reset password in Active Directory and connected systems
- Change password in Active Directory and connected systems
- In required activities, select the Enable QESSO integration check box.
- Provide the account details for the QESSO administrator to be used for password resets.
- Click OK.
For the complete information about installing and using QESSO, please refer to the documentation for QESSO.
Appendixes
Appendix A: Accounts Used in Password Manager
Appendixes > Appendix A: Accounts Used in Password Manager
Appendix A: Accounts Used in Password Manager
The following accounts can be used in Password Manager:
- Password Manager Service account
- Application pool identity
- Domain management account
- Password policy account
- Account for One Identity Quick Connect Sync Engine