You can configure cross-platform password synchronization using One Identity Quick Connect. If used in conjunction with Quick Connect, Password Manager allows you to enable users and helpdesk operators to manage passwords across a wide variety of connected systems.
To enable Password Manager to connect to Quick Connect and set passwords in connected systems, the account used to access Quick Connect must be a member of the local administrators group on the Quick Connect server. For more information on using Quick Connect with Password Manager, see Reset Password in Active Directory and Connected Systems.
Appendix B: Open Communication Ports for Password Manager
This section provides a list of communication ports that need to be open in the firewall for Password Manager to function properly.
Administration Site
Port 80 (Default HTTP) TCP Inbound
Port 443 (Default HTTPS) TCP Inbound/Outbound
Port 8081 TCP Inbound/Outbound
Port 25 (Default SMTP port) TCP Outbound
Port 135 TCP Inbound/Outbound
Legacy Self-Service, Password Manager Self-Service, and Helpdesk Sites
Port 80 (Default HTTP) TCP Inbound
Port 443 (Default HTTPS) TCP Inbound/Outbound
Port 8081 TCP Inbound/Outbound
The Password Manager Self-Service site has all functionality similar to the Legacy Self-Service site with a new and improved user interface. The Password Manager Self-Service site can co-exist along with the already existing Legacy Self-Service site and you can select to revert anytime to the Legacy Self-Service site.
Password Manager Service
Port 53 (Outgoing DNS lookups) UDP Outbound
Port 88 (Kerberos Authentication) TCP/UDP Outbound
Port 389 (LDAP Access) TCP/UDP Outbound
Port 636 (LDAP Access) TCP Outbound
Port 137 (NetBIOS Name Service) TCP Outbound
Port 139 (NetBIOS Session Service) TCP Outbound
SQL Server
Port 1433 (SQL Server) TCP/UDP Outbound
Port 1434 (SQL Server Browser Service) TCP/UDP Outbound
Report Server
Port 80 (SQL Server Report Services) TCP Outbound
Email Notification
Port 25 (Default SMTP port) TCP Outbound
One Identity Quick Connect Sync Engine
Port 808 TCP Outbound
Secure Password Extension
Port 80 (Default HTTP) TCP Outbound
Port 88 (Kerberos Authentication) UDP Outbound
Port 389 (LDAP Access) TCP Outbound
Port 443 (Default HTTPS) TCP Outbound
Telesign
Port 443 TCP Outbound
Defender
Port specified in the activity settings (Authenticate with Defender) is used
BitLocker with MBAM
Port specified in the activity settings (Issue BitLocker recovery key) is used
Customization of steps in Legacy Self-Service, Password Manager Self-Service site, and Helpdesk Tasks
You can change the steps and the order of steps in Legacy self-service, Password Manager Self-Service site, and helpdesk tasks by modifying the workflows that correspond to these tasks. For example, to modify the Forgot My Password task on the Self-Service site you need to modify the Forgot My Password workflow on the Administration site.
A workflow consists of activities; each activity can be configured independently of other activities. Almost each activity corresponds to a single step in a task, that is a single page in the wizard a user goes through to complete the task.
By adding and removing activities and changing activities’ order in a self-service workflow you can define what wizard pages and in what order users will go through when performing a task on the Self-Service site. The same applies to the Helpdesk site and helpdesk workflows.
To edit a workflow, open the workflow on the Administration site and add or remove activities in the workflow designer.
For more information on configuring workflows, see Workflow structure.
For more information on modifying self-service workflows and activities, see Legacy Self-Service or Password Manager Self-Service site workflows.
For more information on modifying helpdesk workflows and activities, see Helpdesk Workflows.