立即与支持人员聊天
与支持团队交流

Password Manager 5.12.1 - Administration Guide

About Password Manager Getting Started Password Manager Architecture
Password Manager Components and Third-Party Solutions Typical Deployment Scenarios Password Manager in Perimeter Network Management Policy Overview Password Policy Overview Secure Password Extension Overview reCAPTCHA Overview User Enrollment Process Overview Questions and Answers Policy Overview Password Change and Reset Process Overview Data Replication Phone-Based Authentication Service Overview
Management Policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring Access to the Administration Site Configuring Access to the Self-Service Site Configuring Access to the Helpdesk Site Configuring Questions and Answers Policy Workflow overview Custom workflows Custom Activities Self-Service Workflows Helpdesk Workflows Notification Activities User Enforcement Rules
General Settings
General Settings Overview Search and Logon Options Import/Export Configuration Settings Outgoing Mail Servers Diagnostic Logging Scheduled Tasks Web Interface Customization Instance Reinitialization Realm Instances Domain Connections Extensibility Features RADIUS Two-Factor Authentication Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Working with Redistributable Secret Management account Email Templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable S2FA for Administrators & Enable S2FA for HelpDesk Users Reporting Password Manager Integration Accounts Used in Password Manager Open Communication Ports for Password Manager Customization Options Overview Feature imparities between the legacy and the new Self-Service Sites Glossary

Reporting Services Default Configuration

The SQL Server Reporting Services component and the Management Tools component must be installed in order to use the Password Manager Reporting functionality. Make sure you select the required features when running the Microsoft SQL Server Setup.

Use the Reporting Services Configuration tool to configure SQL Server Reporting Services. If you installed a report server using the Install but do not configure the server option, you must use this tool to configure the server prior to using it. If you installed a report server using the Install the default configuration option, you can use this tool to verify or modify the settings that were specified during setup.

It is recommended to select the Install the default configuration option during SQL Server and Reporting Services setup on the Report Server Installation Options page of the Setup Wizard. In most cases this will save you much time and effort as long as Reporting Services default configuration is concerned.

Reporting Services Configuration tool can be used to configure a local or a remote report server instance. You must have local system administrator permissions on the computer that hosts the report server you want to configure.

NOTE: Remote data sources are not supported by SQL Server Reporting Services included in Microsoft SQL Server Express Edition.

To configure the Reporting Services default configuration

  1. Start the Reporting Services Configuration tool.
  2. Enter the SQL Server machine name and the Report Server Instance name and then click Connect.

    NOTE: Sequentially configure the Report Server options listed in the left pane of the Reporting Services Configuration tool. There must not be any Not configured options after the configuration is finished.
  3. Open the Report Server Virtual Directory Settingssection.
  4. Click New to create a new virtual directory. This opens a dialog box with the default settings entered. To accept the default settings click OK.
  5. Click Apply.
  6. Check the Apply default settingscheckbox and click Apply.
  7. Open the Report Manager Virtual Directory Settingssection.
  8. Click New to create a new virtual directory. This opens a dialog box with the default settings entered. To accept the default settings click OK.
  9. Click Apply.
  10. Open the Web Service Identity section.
  11. Click Apply to accept the default application pool names for the Report Server and the Report Manager

- OR -

Click New to specify your own application pool names.

  1. Click Apply.

The Reporting Services feature requires an SQL Server database (different from the Password Manager database) to store report server service data.

You can create the report server database in the following ways:

  • Automatically through Setup, if you choose the default configuration installation option in the SQL Server Installation Wizard, by selecting the Install the default configuration option in the Report Server Installation Options page.
  • Manually through Reporting Services Configuration tool.

To create a report server database

  1. Start the Reporting Services Configuration tool and connect to the report server instance you want to configure (the default instance name is MSSQLSERVERfor SQL Server and SQLEXPRESS for SQL Server Express Edition).
  2. In the Database Setup page, click Connect. This opens a SQL Server Connection dialog box.
  3. Type the name of the SQL Server database engine you want to use.
  4. Select the type of credentials used to connect to the SQL Server. You can specify a SQL Server login or use your credentials. The credentials you specify must have permission to log on to the server. Click OK.
  5. In the Database Setup page, click New. This reopens the SQL Server Connection dialog box.
  6. Type the name of the SQL Server database engine and select credentials. The credentials you specify must have permission to create a database.
  7. Type the name of the report server database. A temporary database is created along with the primary database.
  8. Choose the language to use, and then click OK.
  9. In the Database Setup page, specify the credentials used by the report server to connect to the report server database.
    • Select the Service credentials option to use the Windows service account and Web service account to connect through integrated security.
    • Select the Windows credentials option to specify a domain user account. A domain user account must be specified as <domain>\<user>.
    • Select the SQL Server credentials option to specify a SQL Server login.
  10. Click Apply.

A report server database can be created on a local or on a remote SQL Server database engine instance.

When you finish the Report Server configuration please restart the Report Server instance for the changes to take effect. You can restart the Report Server by sequential clicking the Stop button and then the Start button at the Server Status tab of the Reporting Services Configuration tool. If the configuration is performed correctly, the Initialization will be successfully passed for the Report Server instance.

Follow this checklist to verify Password Manager reporting functionality configuration and settings.

Table 28: Reporting functionality configuration and settings

Step

Reference

Ensure that MS SQL Server with the Reporting Services component is installed and configured.

Refer to MS SQL Server documentation.

Install Password Manager and its components.

Refer to Installing Password Manager.

Ensure that the DefaultAppPool, PMAdmin, PMUser, PMHelpdesk, and ReportServer application pools are running in the IIS Manager on the Password Manager and the Report Services servers. If any of these pools are not running – start them manually.

 

Ensure that the Default Web Site is running in the IIS Manager on the Password Manager and the Report Services servers. If the web site is not running – start it manually.

 

Connect to the Reporting Services server through Password Manager Administration site.

 

The interactive Web-based reports are built using the data that the report server retrieves from the Password Manager SQL database.

For more information on Reporting Services setup and configuration, refer to SQL Server documentation.

Reporting Services Firewall Issues

If Password Manager fails to operate properly when Reporting Services are separated from Password Manager by a firewall, specific ports should be open in the firewall.

To get the complete list of Password Manager server port numbers, that have to be open for the application to function properly, see Open Communication Ports for Password Manager.

 

Password Manager Integration

Quest Enterprise Single Sign-On (QESSO)

This section includes the information on how to configure Password Manager for use with Quest Enterprise Single Sign-On (QESSO). To implement the guidance in this section, you must have a working knowledge of Quest Enterprise Single Sign-On (QESSO).

Quest Enterprise Single Sign-on is a solution that provides users with the ability to access all applications on their desktop using a single user ID and password. After users have logged in, they can access password-protected applications on their desktop without the need to enter any further account details.

If an application requires login name and password to be entered, QESSO will remember the entered details. When the application is next started, QESSO will automatically enter the required login name and password.

The account details for password-protected applications are encrypted by using user logon password. When user resets or changes this password, the encrypted data is lost. To prevent data loss, Password Manager should be configured to notify QESSO about password changes and QESSO will re-encrypt the data using new password.

To enable QESSO integration

  1. Run the QESSO Client 32-bit or 64-bit wizard on the server where Password Manager resides. The wizard is located on the Individual Components tab of QESSO Autorun CD.
  2. Follow the wizard instructions.
  3. Install at least one of the following QESSO components on the server running a Password Manager instance:
    • SSOWatch
    • Advanced Login
    • Enterprise SSO Console
  4. Restart the Password Manager Service.
  5. On the Administration site, open workflows for which you want to configure integration with QESSO. QESSO integration settings can be found in the following activities:
    • Reset password in Active Directory
    • Change password in Active Directory
    • Reset password in Active Directory and connected systems
    • Change password in Active Directory and connected systems
  6. In required activities, select the Enable QESSO integration check box.
  7. Provide the account details for the QESSO administrator to be used for password resets.
  8. Click OK.

For the complete information about installing and using QESSO, please refer to the documentation for QESSO.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级