立即与支持人员聊天
与支持团队交流

Password Manager 5.14.2 - Administration Guide

About Password Manager Getting started Password Manager architecture
Password Manager components and third-party applications Typical deployment scenarios Password Manager in a perimeter network Management Policy overview Password policy overview Secure Password Extension overview reCAPTCHA overview User enrollment process overview Questions and Answers policy overview Password change and reset process overview Data replication Phone-based authentication service overview
Management policies
Checklist: Configuring Password Manager Understanding Management Policies Adding or cloning a new Management Policy Configuring access to the Administration Site Configuring access to the Password Manager Self-Service Site Configuring access to the Helpdesk Site Configuring Questions and Answers policy Workflow overview Custom workflows Custom activities Password Manager Self-Service Site workflows Helpdesk workflows Notification activities User enforcement rules
General Settings
General Settings overview Search and logon options Importing and exporting configuration settings Outgoing mail servers Diagnostic logging Scheduled tasks Web Interface customization Instance reinitialization Realm Instances Domain Connections Extensibility features RADIUS Two-Factor Authentication Internal Feedback Customizing help link URL Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable 2FA for administrators and helpdesk users Reporting Password Manager integration Accounts used in Password Manager Open communication ports for Password Manager Customization options overview Third-party contributions Glossary

Updating Administrative Templates

To update the administrative templates from .adm to .admx on both Domain Controller and Client computer, follow the steps mentioned below

Updating Templates on Domain Controller

Before updating the templates, you must remove the existing .adm templates and then proceed updating the templates.

To remove the administrative templates (.adm) on Domain Controller

  1. Open the Group Policy Management (gpmc.msc).

  2. Right click on the GPO you have created and set Enforced to disable.

  3. Again, right click on the GPO, and on the shortcut menu, click Edit. Group Policy Management Editor opens.

  4. On the left pane (console tree) of Group Policy Management Editor, expand Computer Configuration\Policies.

  5. Right-click the Administrative Templates node, then click Add/Remove Templates.

  6. In the Add/Remove Templates dialog, select the prm_gina.admx file and click Remove.

To update the administrative templates (.admx) on Domain Controller

  1. Copy the Administrative Template Configuration folder from <CD>/Password Manager/Setup/Tools.

  2. Copy the Administrative Template folder into the Machine from <CD>/Password Manager/Setup/Template.

  3. Double click the QPM.AdministrativeTemplateConfiguration.exe tool.

  4. Browse the Administrative Template folder path and verify the Path to Policy Definitions.

  5. Click Execute to run the tool.

  6. Once the execution is complete, launch the Group Policy Management utility.

  7. Right click the domain node, then on the shortcut menu, click Create a GPO in the domain and Link it here to link the policy.

  8. Enter a name to the New GPO. For example, OneIdentity.

  9. Right click the new GPO (OneIdentity) and select Enforced to apply the policy.

  10. Again, right click the new GPO (OneIdentity) and select Edit.

  11. Go to Computer Configuration > Policies

  12. Expand Administrative Templates: Policy Definitions (ADMX files) retrieved from the central store, then expand One Identity Password Manager

  13. Click on Generic Settings to view the newly checked in Administrative Template.

Updating templates on client computer

To remove the administrative templates (.adm) on client computer

  1. Open the Local Group Policy Management Editor (gpedit.msc).

  2. Expand Computer Configuration\Policies.

  3. Right-click the Administrative Templates node, then on the shortcut menu, click Add/Remove Templates.

  4. In the Add/Remove Templates dialog, select the prm_gina.admx file and click Remove.

To update the administrative templates (.admx) on the client computer manually

  1. Copy the prm_gina.admx file into the %windir%\PolicyDefinitions directory.

  2. Copy the prm_gina.adml file into the %windir%\PolicyDefinitions\en-us directory.

  3. Open the Local Group Policy Management Editor (gpedit.msc) and navigate to the Computer Configuration\Administrative Templates\One Identity Password Manager directory to see the policy settings.

Removing Administrative Templates

This section describes how to remove administrative templates.

To remove the administrative templates (.admx) on Domain Controller

  1. Open the Group Policy Management (gpmc.msc).

  2. Right click on the GPO you have created and set Enforced to disable.

  3. Navigate to C:\Windows\SYSVOL\sysvol\domain name\Policies\PolicyDefinitions path.

  4. Delete prm_gina.admx file.

  5. Navigate to the %systemroot%\SYSVOL\sysvol\domain name\Policies\PolicyDefinitions\en-US folder and delete prm_gina.adml file.

To remove the administrative templates (.admx) on the client computer manually

  1. Navigate to the %windir%\PolicyDefinitions directory. Delete the prm_gina.admx file.

  2. Navigate to the %windir%\PolicyDefinitions\en-us folder. Delete the prm_gina.adml file.

  3. Update the policy.

Secure Password Extension

Configuring access to the Self-Service Site from the Windows login screen

It is very common for business users to forget their password and be unable to log on to the system. Password Manager allows users to securely and conveniently reset their forgotten network passwords, or manage their passwords in multiple enterprise systems, before even logging on to the system. To enable user’s access to the Self-Service Site from the Windows logon screen, Password Manager implements Secure Password Extension.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级