The Password Manager permission checker is a script used to check the user permissions and privileges. The basic permissions for a user includes the local system permissions and the Active Directory read, write, and delete permissions. Using the permission checker script, you can evaluate the local and Active Directory permissions for the domain account to check if sufficient permissions are available to the Password manager with all privileges.
Login to the server by providing the domain account credentials where the Password Manager is to be installed.
From the installation folder, <Password Manager\Setup\Tools\Permission Checker>, copy the Permission Checker folder and paste it on to the server.
Update the Configuration.xml file with the required domain objects information that needs to be validated from the tool.
The permissions associated with the user account is displayed. The PermissionChecker.log file available at the same location where the tool is placed and it contains the same permission report displayed in the script console.
|IMPORTANT: If the data in the Configration.xml is not specified or incorrect, permis-sion checks are ignored for those sections. After this, the Permission check Warning Summary Report is displayed that is part of the tool which specifies the reasons for the domain account which doesn't have sufficient privileges.|
Microsoft Power BI is an analytics service that is used to visualize large data with business intelligence. You can generate multiple interactive reports and customize dashboards with data insights and plot them on graphs to simplify data visualization.
The predefined Password Manager PowerBI template is available in Password Manager\Setup\Template\PowerBI Template of the installation CD. You can extend the functionality by exporting the predefined template using the PowerBI Desktop software. The template provides the following reports by default:
Actions by Users
Actions by Number of Users
Users actions by Month
Helpdesk usage by Operators
Helpdesk usage by Users
Registration by Month
To import the predefined PowerBI template
Download and install the Power BI Desktop software from the Microsoft Download Center.
Provide the credentials to login to the Power BI Desktop software.
Navigate to File | Import | Power BI template.
Select the predefined Power BI template and click Open.
The PowerBI Desktop initiates the process to connect to the database from which the template is created. Click Cancel.
The Refresh window is displayed. Click Cancel.
Navigate to the Data Source settings in the Power BI Desktop.
The Data source settings window is displayed.
Provide the SQL Server name in the Server field and the Database name in the Database field.
The Power BI Desktop is connected to the database and all the updates are displayed.
As an alternative to generating reports using predefined Power BI templates, you can use the Reporting feature. For more information, see Reporting and User Action History Overview section.
The Password Manager Credential Checker is based on PowerShell scripts used to check if the user’s password is compromised. Credential Checker deals with actions related to change in password in Active Directory, reset password in Active Directory, change password in Active Directory and connected systems, or reset password in Active Directory and connected systems. By default, the Credential Checker PowerShell script implements VeriClouds CredVerify functionality for leaked password with hash segment.
|IMPORTANT: If you prefer to use other credential checker service, modify the Credential Checker PowerShell script appropraitely.|
After the Password Manager is installed, on the Password Manager Administrator portal, go to General settings | Extensibility and select Turn the credential checker mode on or off to enable the feature.
$api_secret=<valid api secret>
When you enter a new password on the Self-Service site using any of the workflows, such as, Forgot Password or Manage My Passwords, the Credential Checker validates the new password and check if it matches with the passwords listed in the VeriClouds. If the password matches, Provided password is compromised, type another password. If you've ever used it anywhere before, change it! is displayed.