Using this activity, you can configure Password Manager to use One Identity Quick Connect to reset passwords in connected systems. If used in conjunction with Quick Connect, Password Manager allows you to enable users and Helpdesk operators to manage passwords across a wide variety of connected systems. To be able to integrate Password Manager with Quick Connect, you must have a working knowledge of Quick Connect Sync Engine.
To enable Password Manager to set passwords in connected systems through a Quick Connect server, the account used to access Quick Connect must be a member of the local administrators group on the Quick Connect server.
Before you can configure Password Manager to use a Quick Connect server for cross-platform password synchronization, you must do the following in Quick Connect:
- Create a connection to the Active Directory domains managed by Password Manager.
- Create connections to the systems you want Password Manager to synchronize passwords with.
- Map users from the managed domains to users in the connected systems.
To enable Password Manager for cross-platform password synchronization
- Include the Reset password in Active Directory and connected systems activity in a workflow and click the activity to edit its settings.
- In the Quick Connect server name text box, specify the IP address or the fully qualified domain name of the Quick Connect server.
- Select the account to be used to access the Quick Connect server. You can use either Password Manager Service account or specify another account. You can use either pre-Windows 2000 login name (such as DomainName\UserName) or User Principal Name (such as UserName@DomainName.com) to specify the user name.
- Specify how you want Password Manager to act when the Quick Connect server is unavailable. To do it, select one of the following and click Next:
- Act as if no Quick Connect server was specified: Users can manage their passwords only in the Active Directory domain. No warnings are displayed to users if Quick Connect server is not available.
- Alert users and allow them to reset passwords only in Active Directory: Users are notified that other connected data sources are temporarily unavailable, and are allowed to continue managing their passwords only in the Active Directory domain.
- Do not allow users to reset passwords: Users cannot perform any password management tasks in the Active Directory domain and in connected data sources, if the Quick Connect server is not available.
- From the list of connected systems, select the systems in which you want to manage user passwords. For each selected system, specify the following options and click Next:
- System alias
- Reset password in this system independently from Active Directory: Select this option to allow users to reset their passwords in a connected system independently from Active Directory.
- Do not allow resetting password in this system independently from Active Directory: Select this option to prevent users from resetting their passwords in a connected system independently from Active Directory. Note that if you select this option, a user’s password will be reset in the connected system only after the password has been successfully reset in Active Directory. If the user's password is not reset in Active Directory, it will be not reset in the connected system. Users can specify a different password for the connected system, if you select the Allow users to specify different password for this systemoption.
- To enforce password history in the Active Directory domains managed by Password Manager, select the Enforce password history check box. Password history determines the number of unique new passwords that have to be associated with a user account before an old password can be reused. Password history is defined for a domain through Group Policy settings.
- Select the Enable QESSO integration to integrate Password Manager with Quest Enterprise Single Sign-On (QESSO) and notify QESSO about user’s password changes. For more information, see Quest Enterprise Single Sign-On (QESSO).
- Click OK to close the wizard.