Password Manager 5.8.2 - Administrator Guide (AD LDS edition)

About Password Manager Getting Started Upgrading Password Manager to 5.8.1 Password Manager Architecture Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow Overview Custom Workflows Custom Activities Self-Service Workflows Helpdesk Workflows User Enforcement Rules
General Settings Password Policies One Identity Hybrid Subscription One Identity Starling Reporting Appendix A: Accounts Used in Password Manager for AD LDS Appendix B: Open Communication Ports for Password Manager for AD LDS Appendix C: Customization Options Overview Glossary

Display User Agreement

Display User Agreement

Depending on the legislation requirements, organizations may be required to explicitly obtain users’ consent to store their personal information which is available in Questions and Answers profile.

You can use this activity to have the Self-Service site ask users to agree that Password Manager will store their personal information.

For example, you can use this activity in the My Questions and Answers Profile workflow; it is recommended to place the activity after authentication activities and before the Edit Q&A profile activity.

To configure the Display user agreement activity

  1. Open the Display user agreement activity included in the workflow.
  2. Edit the agreement text in the default language as required. When editing the agreement text, you can use the parameters available in the editor, for example #USER_ACCOUNT_NAME# and others.
  3. To edit the agreement text in the available additional languages, click the language link in the Additional languages list. By default, the agreement text template is available in 16 languages.
  4. Click the Add new language link to select more languages for the agreement text.
  5. Click OK.

Restart Workflow if Error Occurs

Restart Workflow if Error Occurs

This activity is performed when an error occurs during workflow execution. In this case, the activity reruns any self-service workflow from the very beginning. If a critical error occurs (user’s account or Q&A profile gets locked, for example), then the Restart workflow if error occurs activity is skipped and the workflow stops.

It is recommended to place this activity before notifications activity in a workflow.

You do not need to configure this activity.

Notification Activities

Notification Activities

All built-in notifications can be of two types: user notifications and administrator notifications. Each notification type is divided into success and failure notifications. So, for each workflow four notification activities are available:

  • Email user if workflow succeeds
  • Email user if workflow fails
  • Email administrator if workflow succeeds
  • Email administrator if workflow fails

IMPORTANT: Before configuring notifications, ensure that you have configured the outgoing mail servers. To specify the SMTP server settings, use the procedure outlined in Outgoing Mail Servers.

Customizing Notifications

Customizing Notifications

By default, Email user if workflow succeeds and Email user if workflow fails activities are included in every self-service and helpdesk workflow. These activities contain predefined notification templates that correspond to a workflow. For example, user notification activities in the Forgot My Password workflow offer templates about successful/failed password reset.

The notification templates are available in 17 languages: Chinese (Simplified), Chinese (Traditional), Czech, Danish, Dutch, English, French, German, Italian, Japanese, Korean, Polish, Portuguese (Brazil), Portuguese (Portugal), Russian, Spanish, Swedish.

By default, for each user notification activity included in the default workflow configuration 17 languages are available: English as the default language and the others as additional languages. You can also select more languages by clicking the Add new language link in the notification activity dialog box.

The language of notification corresponds to the language of a user’s Q&A profile. If the Q&A profile is configured in a language that is not included in the list of languages available for Password Manager email notifications, the user will receive the notification in the default language.

NOTE: Predefined notification templates in 17 languages are available for user notifications only (Email user if workflow succeeds and Email user if workflow fails activities).

You can customize email notification messages distributed by Password Manager to meet specific requirements in your organization.

The following table describes parameters that you can use in email notifications:

Table 8: Email notification parameters

Parameter

Description

Examples

#PRODUCT_NAME_FULL#

Full name of the software product. The parameter value is a constant.

One Identity Password Manager

#PRODUCT_NAME_SHORT#

Short name of the software product. The parameter value is a constant.

Password Manager

#COMPANY_NAME_FULL#

Full name of the company. The parameter value is a constant.

One Identity LLC

#COMPANY_NAME_SHORT#

Short name of the company. The parameter value is a constant.

One Identity

#PRODUCT_NAME_SHORT_CUSTOM# Short name of the software product. The parameter value can be set manually by the user. Password Manager Custom

#USER_ACCOUNT_NAME#

User’s CN.

CN=JSmith

#USER_DISPLAY_NAME#

User’s display name.

John Smith

#USER_FIRST_NAME# User's first name. john
#USER_LAST_NAME# User's last name Smith
#USER_UPN_NAME# User Principle name is the name of a system user in an e-mail address format. JSmith@corp.contoso.com
#MACHINE_HOST_NAME# A hostname is the label (the name) assigned to a device (a host) on a network and is used to distinguish one device from another on a specific network or over the Internet. MachineHostName.corp.contoso.com
#WINDOWS_LOGON_NAME# Login name for wWindows. corp\JSmith

#OPERATOR_IP#

Helpdesk operator’s IP address.

172.16.254.1

#WORKFLOW_NAME#

Name of the workflow that was executed. All workflow names are available on the Administration site.

Forgot My Password

#WORKFLOW_RESULT#

Result of a workflow execution displayed on the status page of the Self-Service site.

Your password was successfully changed.

#WORKFLOW_SUMMARY#

Text displayed in the details pane on the status page of the Self-Service site.

Notification was sent to your email.

The notifications are sent either in plain text or as HTML.

To configure user email notifications

  1. Open the user notification activity included in the workflow.
  2. Edit the subject and body of the notification template in the default language as required. When editing the notification template, you can use the parameters available in the notification editor, for example #USER_ACCOUNT_NAME#, #WORKFLOW_RESULT#, and others.
  3. To edit the notification message template in the available additional languages, click the language link in the Additional languages list.
  4. Click the Add new language link to select more languages for the notification message.
  5. In the Message format box, select the format to use for the notifications. You can select from two options: either HTML or Plain text.
  6. In the User notification settings, select one of the following:
    • Subscribe users to this notification. Allow users to unsubscribe.
    • Subscribe users to this notification. Do not allow users to unsubscribe.
    • Do not subscribe users to this notification. Allow users to subscribe to this notification.
  7. Verify the changes you have made by sending a test message. Click the Test notification settings button and enter an email address for a test email notification and select the notification language.
  8. Click OK.
Related Documents