When a user changes or resets password on the Self-Service site, the password policy rules specified for the user's domain can be displayed on the page where the user is required to enter a new password.
For more information, see Configuring Password Policy Rules.
<add key="PasswordStrengthMeterEnable" value="true"/>
You can customize the text displaying the strength of the Password strength meter.
To customize the text:
For more information, see Password Compliance .
To set display name as user name:
<add key="DisplayName" value="true"/>
To set display name as sAMAccountName:
<add key="DisplayName" value="false"/>
A record that consists of all the information that defines a user to Active Directory. This includes the user name and password required for the user to log on, the groups in which the user account has membership, and the rights and permissions the user has for using the computer and network and accessing their resources.
As soon as changes occur in one site, they will be replicated to the sites you select. Use this option to reduce potential downtime.Active Directory sites
A log that lists all actions performed by Password Manager.
A certificate is used to encrypt traffic and provide authentication between Password Manager Service and web sites installed on different servers. View more.
An account used by Password Manager for storing its configuration data i.e. settings configured in Password Manager, for example Management Polices, general settings, etc. The configuration storage account is automatically created in the Users container of a managed domain when the managed domain is added. The configuration storage account is named QPMStorageContainer.
Custom activity is an activity with PowerShell handlers. Create custom activities from scratch or convert built-in activities to custom. View more.
A logical collection of resources that consists of computers, printers, computer accounts, user accounts, and other related objects.
For a Windows Server domain, the server that authenticates domain logons and maintains the security policy and the security accounts master database for a domain. Domain controllers manage user access to a network, which includes logging on, authentication, and access to the directory and shared resources.
Selecting several domain controllers (DCs) provides fault tolerance in your environment.If the first DC becomes unavailable, the next DC in the list will be used automatically.Domain Controller.
An account under which Password Manager accesses a managed domain. Domain management account must have minimum permissions required to successfully perform password management tasks in the managed domain. For more information on the minimum permissions, see Configuring Permissions for Domain Management Account.
This algorithm is used to encrypt users’ answers to secret questions. Users’ answers will be encrypted if the “Store answers using reversible encryption” option is selected in the Q&A profile settings. Otherwise, the answers will be hashed.
Provide regular expression based on the selected Active Directory attribute to find a matching pattern in the target system.
This algorithm is used to hash users’ answers to secret questions if reversible encryption is not used to store the answers.
A Questions and Answers Profile that temporarily cannot be used.
A Questions and Answers Profile can become locked after a number of unsuccessful attempts to answer the questions.
A question, the same for all users in a domain, that users must answer in order to authenticate themselves using Password Manager.
A question that users should select from a list of pre-defined questions and answer to authenticate themselves using Password Manager.
An Active Directory container object used within domains. An organizational unit is a logical container into which users, groups, computers, and other organizational units are placed. It can contain objects only from its parent domain.
Realm is a set of Password Manager Service instances sharing realm settings and configuration. You can use the realm to enhance the service availability.
An association between Secure Password Extension and a Password Manager Service. If you enforce an affinity to specific Password Manager realm using Group Policy, all the clients running Secure Password Extension and affected by this policy will use only the Password Manager Service instances that belong to the specified realm.
An account used to install Password Manager. The Password Manager Service account must be a member of the Administrators group on the Web Server where Password Manager is installed.
A component of Password Manager that enforces password policies configured in Password Manager, when users change their passwords using tools other than Password Manager. Password Policy Manager is installed on domain controllers.
A set of questions selected by a user from the Question list and user's answers to them. A Questions and Answers Profile is used to authenticate a person using Password Manager.
A set of questions used in creating users' Questions and Answers profiles. The list is defined by the administrator and contains a series of questions in a certain language that users from a specific domain must answer in order to create or update their personal Questions and Answers profiles. A question list defines the number of questions of each type and the wording of mandatory and optional questions.
Provide a value to replace the matched pattern in the target system.
A component of Password Manager that facilitates access to the Self-Service site from the Windows logon screen. This component is installed on end-user computers.
A website for Password Manager end-users. On this site, end-users can create their Questions and Answers Profiles and manage their passwords.
An Active Directory object that represents instance of a service. The service connection point contains binding information which is used to connect to the service.
By default, in the toolbar of the Self-Service site a user's name is displayed as domain\username. For example, “mydomain\JDoe”.
To show “John Joe” instead, select this option.
A character that is neither alphabetic nor numeric.
Provide a sample Active Directory attribute value to evaluate the matching pattern.
A question that users must provide along with the answer in order to authenticate themselves using Password Manager.
If a user is not registered, then only Reset Password, Unlock Account, and Assign Passcode workflows are enabled. For more information, see Workflow settings.
If a user is not registered, only Register, Manage My Profile and I Have a Passcode workflows are enabled. For more information, see Workflow settings.