|Enabling Password Services|
|Configuring Security Questions and General Settings|
|Using the Password Services Wizard|
|Password Services Reports|
Welcome to the SysAid Password Services Module!
Password Services is a self service module for your end users that allows them to:
Before Password Services, your end users would contact the helpdesk each time they forgot their password or got locked out. Now that you have Password Services, your end users can perform these actions themselves, getting immediate results and saving your helpdesk staff much time and energy.
There are several steps you must take in order to enable Password Services:
The first thing you must do to start using Password Services is ensure that you have configured your LDAP. Go to Preferences --> Integration --> LDAP and verify that your settings are correct. Make sure that the LDAP user you specify has administrator privileges in your LDAP.
Important: Password Services will only work over an SSL LDAP connection. If you are not sure that you configured your LDAP using SSL, please check the URL to LDAP server field. If the port number is 636, then you are connecting using SSL. If this is not the port number, then run the LDAP configuration wizard again and choose LDAP over SSL.
Once LDAP is configured, you must enable the Password Self Service Wizard for your end users.
To enable the Password Self Service Wizard:
Note: When you click Save, SysAid checks all of your LDAP configurations and will inform you if there are any problems accessing your LDAP(s).
Once the Self Service Wizard has been enabled, each of your end users must then register.
To register, each end user must:
Once this is done, the end user can access the Password Self Service Wizard using the icon on the End User Portal.
You can allow your end users to access the Password Self Service Wizard from the Windows login screen (supports Windows Vista and higher).
To enable the Password Self Service Wizard from the Windows login screen on your computers, you must install version 8.5+ of the SysAid Agent and enable the SysAid Password Services Credential Provider.
You can enable the SysAid Password Services Credential Provider in the following ways:
In the Deployment Tool under Edit --> Settings, check the box Install SysAid Password Services Credential Provider. Then deploy the SysAid Agent to the desired computers.
From Asset Management --> Network Discovery --> Deploy Agents, open Agent Settings and check the box Install SysAid Password Services Credential Provider. Then deploy the SysAid Agent to the desired computers.
For each desired computer, change the value of the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Ilient\Agent\enableSysaidPS to "Y". You may create a script to do this on multiple computers at once, if you desire. This option is useful for agents that have been deployed manually or that have already been deployed.
Your end users can now access the Password Self Service Wizard from the Windows login screen. To see how this is done, please go here.
A security question is a simple question, such as "In which city were you born," that an end user will certainly not forget the answer to. When an end user registers for Password Self Service, the end user must choose several security questions from a list and answer them. If that end user ever needs to reset a password or unlock an account, the end user reenters their answers to the questions.
It is up to you, the administrator, to choose which security questions appear in the list, and how many security questions each end user must answer.
Go to Password Services --> Security Questions to see a list of available security questions. For each security question, you may choose whether it appears in the list or not and whether an end user must answer it. You may also create your own security questions. Go here for more information.
Go to Password Services --> Settings --> Security Questions (tab) to choose how many security questions a user must answer and what the minimum answer size is. For more information, go here.
You can configure the exact behavior of Password Services under Password Services --> Settings --> General (tab). Among the settings you can choose from are how users receives their new passwords after a password reset (e.g. e-mail, SMS, or chosen by end user) and how many attempts users have to answer their security questions before SysAid blocks them. For a full list of options, please go here.
In Password Services, there are two types of notifications: notifications to the end user, and notifications to the administrator.
An end user receives a notification after completing the Reset Password Wizard if the reset password method is either e-mail or SMS. The notification, either an e-mail or an SMS, contains the end user's new, temporary password.
You can edit the text for the SMS and e-mail notifications from the translation file under Customize --> Translate. In the translation file, the keys related to the e-mail notification begin with user.selfService.offline.sendMessage and the keys related to the SMS notification begin with user.selfService.offline.sendSms.
Administrators can receive e-mail, SMS, or service record notifications when a user completes one of the Password Self Service wizards. To configure these notifications, go to Password Services --> Notifications and follow the instructions found there.
Once you've configured Password Services to your liking and your end users have registered themselves, your end users can start using Password Self Service whenever they are locked out of their accounts or forget their passwords. For full instructions for using the Password Self Service Wizard, please go here.
Congratulations! Now that you're using Password Services, you're well on your way to a smoother end user experience and a more fully automated helpdesk!
Password Services contains five reports you can use to keep up-to-date on all activities in the Password Services Module. You may access these reports from the Analyzer, or from Manager Portal --> Reports.
Password Services Reports
Reset Password Audit Report
Shows you a list of all activities related to the Reset Password Wizard.
Unlock Account Audit Report
Shows you a list of all activities related to the Unlock Account Wizard.
Failed Attempts Report
Shows a list of failed attempts to use one of the Password Services wizards.
Enrolled Users Report
Shows you a list of all users who've answered their security questions for Password Services.
Non-enrolled Users Report
Shows you a list of all users who have not answered their security questions for Password Services.
SysAid welcomes your questions and suggestions. We can be reached via phone and e-mail:
Toll Free phone center (U.S): 800-686-7047
Tel (U.S): +1 617-231-0124
Fax (U.S): +1 617 507 2559
Tel (Israel): +972 3 533 3675
Fax (Israel): +972 3 761 7205
SysAid community: http://www.sysaid.com/Sysforums/forums/home.page
You can also view our full support page at http://www.sysaid.com/contact_support.htm.