Chat now with support
Chat with Support

Password Manager 5.8.2 - Administrator Guide (AD LDS edition)

About Password Manager Getting Started Upgrading Password Manager to 5.8.1 Password Manager Architecture Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow Overview Custom Workflows Custom Activities Self-Service Workflows Helpdesk Workflows User Enforcement Rules
General Settings Password Policies One Identity Hybrid Subscription One Identity Starling Reporting Appendix A: Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Appendix C: Customization Options Overview Glossary

Register

Register

Use this workflow to select which registration methods to display on the User site.

Select registration mode allows the administrator to configure, which registration methods are allowed for registration to the users. Following are the three methods available for the users to register.

  • Questions & Answers
  • Mobile
  • E-mail

The selected options will be added in the Password Manager User site.

NOTE: When the administrator select registration method(s), only the respective authentication methods are visible to the administrator in Authentication methods.

Select one of the radio buttons to set the method as mandatory registration method. The administrator can set a method mandatory from Select the registration method that must be set as the mandatory registration method for users in the User site. When the administrator selects a method as mandatory, it is compulsory for users for registration in the User site. To set as mandatory registration method for the users in the Password Manager User site, select one of the following options.

  • Questions & Answers
  • Mobile
  • E-mail
  • None

NOTE: When the administrator selects None from the list, no registration method is mandatory for the user.

NOTE: To register through the mobile option, you must select the country code from the drop-down menu.

Configuring country code drop-down menu

Configuring country code drop-down menu

You can configure the options to add, remove, or modify the country code drop-down menu.

To modify the view of the drop-down menu to display the country name or the country code, navigate to the location where Password Manager is installed. Open the QPM.Service.Host.exe.config file. Add the required details in the <CountryConfig ShowWith="Attribute"> tag, where <"Attribute"> can be CountryName or CountryCode.

To add a new country code, provide the required details in the <add CountryName="<required country name>" CountryCode="<required country code>" ISDCode="<required ISD code>">.

Restart the Password Manager service to view the updates in the country code drop-down menu.

Manage My Profile

Manage My Profile

The Manage My Profile workflow allows the administrator to manage user profiles in Active Directory by using the Admin site. Manage My Profile uses settings of Register workflow.

Use this workflow only if the user's Questions & Answers profile is pending for update. To configure, do the following.

  1. Select Manage My Profile workflow.
  2. Click Settings.
  3. Select the checkbox Run this activity only if user's profile should be updated.

 

Forgot My Password

Forgot My Password

You can use this workflow to configure the Forgot My Password task for the Self-Service site. The Forgot My Password task allows users to reset passwords for their accounts in AD LDS and in connected data sources (if integration with One Identity Quick Connect Sync Engine is configured) by using the Self-Service site. For more information on using One Identity Quick Connect Sync Engine, see Reset Password in AD LDS and Connected Systems.

IMPORTANT: To display password policies on the Self-Service site when users reset passwords, add connections to AD LDS instances on the Password Policies tab of the Administration site. For more information see Creating a Password Policy.

The default configuration of this workflow is the following:

  1. Authentication Methods
  2. Lock Q&A profile.
  3. Reset password in AD LDS.
  4. Restart workflow if error occurs.
  5. Email user if workflow succeeds.
  6. Email user if workflow fails.
Related Documents