Remote Password Reset
(Feature available only in Premium and Enterprise editions)

  1. Overview
  2. Remote Password Reset via Agent-less Mode

    2.1 Configuring Remote Password Reset for individual resource types

    i. Windows

    ii. Windows Domain

    iii. Linux/IBM AIX/HP UX/Solaris/Mac OS/VMWare ESXi

    iv. IBM AS400/Sun Oracle ALOM/ILOM/XSCF Sun Oracle ALOM/ILOM/XSCF

    v. MySQL/Postgre SQL

    vi. Oracle WebLogic server

    vii. MS SQL Server

    viii. Oracle DB Server

    ix. Sybase ASE

    x. LDAP Server

    xi. HP ProCurve

    xii. HP iLO

    xiii. Cisco Devices (IOS, CatOS, PIX)

    xiv. Juniper Netscreen

    xv. AWS IAM

    xvi. Google Apps

    xvii. Microsoft Azure

    xviii. Rackspace

    xix. Salesforce

    2.2 Configuring Remote Password Reset for Resource Types in Bulk

  3. Remote Password Reset via Agent Mode

1. Overview

Password Manager Pro provides the option to remotely change the passwords of certain resource types. In general, you can configure remote password reset in Password Manager Pro for any device that can be reached via command-line interface (CLI) and accept commands for managing passwords.

Password Manager Pro allows you to change the password of a remote resource through two modes; agent-less mode and agent mode.

2. Remote Password Reset via Agent-less Mode

If you're configuring remote password reset via agent-less mode, specify the account which will be used to log in remotely to the target resource and reset the password.

2.1 Configuring Remote Password Reset for Individual Resource Types

2.1.i Windows

  1. Password Manager Pro is designed to perform password reset for all Windows local accounts using the service account with which it is running.

    Note: The aforementioned service account should have either domain admin rights or local admin rights in the Password Manager Pro server and in the target systems that you would like to manage.

  1. Log in to the Password Manager Pro server and open the Services console (services.msc) to update the service account of Password Manager Pro service.
  2. However, if you'd like to override this and use a local account for the password reset, then navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset and choose an admin account.
  3. If the Password Manager Pro service is running with a privileged service account (Domain admin or Local admin on all member servers), then it can forcefully reset Windows passwords without the need for the old password to be present inside.

2.1.ii Windows Domain

If you are using the Privileged Accounts Discovery feature to import Windows resources from Active Directory, then Password Manager Pro will automatically add your domain controller as a resource with Resource Type as Windows Domain.

To reset domain account passwords that are present in your Windows Domain resource, specify an admin account to be used for remote login as well as password reset. Follow the below steps to configure remote password reset.

  1. Navigate to the Resources tab and click Resource Actions >> Configure Remote Password Reset beside the respective Windows Domain resource.
  2. Under the Configure Windows Domain Password Reset section, select the domain account as the administrator account.
  3. If you opt to use an administrator account of another Windows Domain resource, select other resource from the configure using an account of field and select the respective administrator account in the Administrator Account field.
  4. Note:It is recommended to use the same Password Manager Pro Service Account here so that it will be helpful for AD Audit purposes

  5. If you opt to perform the remote password reset over an encrypted channel, set the Connection Mode to SSL.

    If you set the Connection Mode to SSL, Password Manager Pro will be connecting to the domain controller through SSL, for which the domain controller's root certificate is required in the Password Manager Pro server machine's certificate store. If you have not yet imported the domain controller's root certificate into Password Manager Pro, do the steps that follow:

    Open a command prompt and navigate to <Password Manager Pro_installation_directory>\bin and execute the following command:
    For Windows:
    importCert.bat <Absolute Path of certificate>
    For Linux:
    importCert.sh <Absolute Path of certificate>

    Restart the Password Manager Pro server and perform the above steps for the remote password reset.

    Note: In the event that the Password Manager Pro application is installed on a domain and there arises a requirement for executing remote password resets for accounts in a different domain, it is necessary to import the available root and private/intermediate certificates of the other domain into the trusted store of the Microsoft Management Console (MMC) on the Password Manager Pro server. For example, the different domain's root and private/intermediate certificates should be imported into the Trusted Root Certificate Authorities store within the Password Manager Pro server's system.

    Note: If Password Manager Pro has the domain administrator credentials, it can reset domain account passwords regardless of the trust between the domain in which Password Manager Pro server is installed and the target domain. Any user with 'modify password' permission for the domain account password in Password Manager Pro will be able to modify the password.

2.1.iii Linux/IBM AIX/HP UX/Solaris/Mac OS/VMWare ESXi

For remote password reset of Unix resources, Password Manager Pro first uses the remote login account to log in to the target system. Then, to carry out password reset, privilege elevation is needed. If the target system supports execution of password reset commands through Sudo, Password Manager can either use the two options available here: 'su' as root or use 'sudo' to execute the remote password reset commands.

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset and then do the following:

i. Selecting the Protocol

  1. Select the protocol for remote login method - SSH or Telnet. Next, specify your remote login account. For remote login, Password Manager Pro allows you to either choose an account of the resource type for which you're setting up the password reset or specify an account of any Windows Domain resource stored in Password Manager Pro. To use a Windows Domain account as the remote login account, select the option 'other resource' while setting up the remote login account. Then, specify the Resource Name as well as the Remote Login Account of the desired account.
  2. Specify the authentication method. If you have chosen Telnet or SSH with Windows Domain account for remote login, you can skip this step go to setting the privilege escalation method.

ii. If you opt for SSH, specify the authentication method

  1. If you choose SSH as the Remote Login Method and the remote Unix resource's account as the remote login account, there are two authentication methods you can choose from: "Password Authentication" or "Public Key Infrastructure"(PKI) Authentication.
  2. For PKI authentication, the public key would be present in the remote system under a specific remote login account. Typically, it would be available under $Home/.ssh folder. Select the remote login account for which the public key is present; browse and supply the corresponding Private Key.

    Note: Password Manager Pro supports SSH2 and above only.

iii. Specifying the root account/selecting 'sudo'

  1. As mentioned above, for executing remote password reset commands, Password Manager Pro can use either 'su' as root or 'sudo', which allows the user to run the command with root privileges without having to switch to the root account.
  2. If you use the option, 'su' as root, select the root account.
  3. If the target system allows execution of password reset commands through 'sudo', then select that option.
  4. Click "Save".


    Note: You can also use SSH Command sets to configure remote password reset for the types Linux, IBM AIX, HP UX, Solaris, Mac OS, VMWare ESXi and any other Linux or Unix-based resource types. Click here to learn more.

2.1.iv IBM AS400/Sun Oracle ALOM/ILOM/XSCF Sun Oracle ALOM/ILOM/XSCF

No specific password reset configuration required for these resources as Password Manager Pro will use the accounts added to the resources to perform the password reset.

2.1.v MySQL/PostgreSQL Server

As password reset for a MySQL/PostgreSQL server is done over JDBC, the MySQL/PostgreSQL administrator credentials are required. Follow the below steps to enable remote reset of the password of MySQL/PostgreSQL server:

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset.
  2. Specify the port where the MySQL/PostgreSQL server is running. By default, MySQL/PostgreSQL occupies the port 3306.
  3. Specify the connection mode: Connection between MySQL/PostegreSQL Server and Password Manager Pro can be configured to be over an encrypted channel such as SSL or Non-SSL. If you choose SSL mode, do the following:

SSL Mode:

  1. To enable the SSL mode, the MySQL/PostgreSQL server should be serving over SSL and you have to import the MySQL/PostgreSQL server's root certificate into the Password Manager Pro server machine's certificate store. Import all the certificates that are present in the respective root certificate chain - that is the certificate of the Password Manager Pro server machine and intermediate certificates, if any.
  2. To import root certificate, open a command prompt and navigate to <PMP_SERVER_HOME>\bin directory and execute the following command:

For Windows
importCert.bat    <Absolute Path of certificate>

For Linux
importCert.sh    <Absolute Path of certificate>

  1. Restart Password Manager Pro server. Then, continue with the below steps.
  2. To enable access to the MySQL server for Password Manager Pro, provide MySQL Root Account Name.
  3. Click Save.

2.1.vi Oracle WebLogic Server

As Password reset for a WebLogic server is done over JMX, the administrator credentials must be specified before proceeding with the below steps.

Prerequisites

  1. The following JAR files wljmxclient.jar, wlclient.jar, rmic.jar, weblogic.jar will be available under the path <weblogic_install_directory>\wlserver\server\lib> in the WebLogic server.
  2. Copy the JAR files and save them in the \lib folder in the machine running the Password Manager Pro server.

Steps to Configure Remote Password Reset for Oracle WebLogic Server

Follow the below steps to enable remote reset of the password of the WebLogic server:

  1. Navigate to Resources >> Resource Actions >> Configure Remote Password Reset.
  2. Specify the port where the WebLogic server is running. By default, WebLogic server occupies the port 7001. Specify the connection mode - connection between WebLogic Server and Password Manager Pro can be configured to be over an encrypted channel such as SSL or Non-SSL. If you choose SSL mode, do the following.

SSL Mode:

  1. To enable the SSL mode, the WebLogic server should be serving over SSL and you have to import the WebLogic server's root certificate into the Password Manager Pro server machine's certificate store. Import all the certificates that are present in the respective root certificate chain - that is the certificate of the Password Manager Pro server machine and intermediate certificates, if any.
  2. To import root certificate, open a command prompt, navigate to <PMP_SERVER_HOME>\bin directory and execute the following command:

For Windows
importCert.bat    <Absolute Path of certificate>

For Linux
importCert.sh    <Absolute Path of certificate>

  1. Restart the Password Manager Pro server. Then, continue with the following steps.
  2. To enable Password Manager Pro access the WebLogic server, provide the WebLogic Root Account Name.
  3. Click Save.

2.1.vii MS SQL Server

As Password reset for MS SQL server is done over JDBC, it is required to provide either the MS SQL Administrator credentials or a domain account credentials with enough privileges to modify SQL server passwords. Follow the below steps to enable remote reset of the password of MS SQL server:

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset.
  2. Specify the instance name of MS SQL server. If the instance name is specified, Password Manager Pro will try to establish connection with specified instance. If not, Password Manager Pro will try to establish connection with the specified port.
  3. Specify the port where the MS SQL server is running. By default, MS SQL occupies the port 1433.
  4. Specify the connection mode - you can configure the connection between MS SQL Server and Password Manager Pro to be over an encrypted channel (SSL) or Non-SSL. If you choose SSL mode, do the following:

SSL Mode:

  1. To enable the SSL mode, the MS SQL server should be serving over SSL and you have to import the MS SQL server's root certificate into the Password Manager Pro server machine's certificate store. Import all the certificates that are present in the respective root certificate chain - that is the certificate of the Password Manager Pro server machine and intermediate certificates, if any.
  2. To import root certificate, open a command prompt and navigate to <pmp_server_home>\bin directory and execute the following command:

For Windows
importCert.bat    <Absolute Path of certificate>

For Linux

importCert.sh    <Absolute Path of certificate>

  1. Restart Password Manager Pro server. Then, continue with the following steps.
  2. To enable Password Manager Pro to access the MS SQL server, provide any one of the following details: Windows Authentication (OR) MS SQL Administrator Account. Select the domain name the MS SQL server is a part of and select any account present in the domain.
  3. Click Save.

2.1.viii Oracle DB Server

To carry out password reset for Oracle DB server, administrative privileges are required, so specify an administrator account.

Important Note: As of August 2022, Oracle extends support to the following versions of the Oracle database only: 18c, 19c, and 21c. Therefore, PMP will also support only these three versions of Oracle DB in the product. Refer to the Oracle Lifetime Support Policy Guide for more information.

Follow the below steps to enable remote reset of the password of Oracle DB server:

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset.
  2. Specify the Oracle DB Listener Port. By default, the Oracle DB server listens to the port 1521.
  3. Specify the connection mode - you can configure the connection between Oracle DB Server and Password Manager Pro to be over an encrypted channel (AES 256). If you choose the option 'YES' (encrypted mode), do the following:
    1. Start Oracle Net Manager.
    2. In the Navigator window, select "Oracle Net Configuration".
    3. Expand the option Local > Profile.
    4. From the list in the right side pane, select the option "Oracle Advanced Security".
    5. In the tabbed window that appears thereafter, click the tab "Encryption".
    6. In the drop-down list for Encryption, select the option "Server".
    7. For "Encryption Type" list, select the option "Accepted".
    8. The text field for 'Encryption Seed' can be left blank or you can enter random characters ranging between 10 and 70.
    9. Select the algorithm "AES 256".
    10. Specify an Oracle administrator account.
  4. Specify the Oracle Service Name. By default, the service name is taken as ORCL.
  5. Click Save.

2.1.ix Sybase ASE

Prerequisites

  1. To perform remote password reset in Sybase ASE, jConnect 6.0 JDBC driver is required. The JDBC driver is a file named "jconn3.jar" which will be available under the path <sybase_install_directory>\jConnect_6_0\classes in Sybase ASE 15.0.
  2. Copy the "jconn3.jar" file and save it under <pmp_install_directory>\lib folder in the machine running the Password Manager Pro server.

Steps to Configure Remote Password Reset for Sybase ASE

As administrative privileges are required to carry out password reset for Sybase ASE, specify an administrator account. Follow the below steps to enable remote password reset for Sybase ASE:

  1. Specify the Sybase ASE Port. By default, it occupies the port 5000 (in SSL mode, default port is 2748).
  2. Specify the connection mode - you can configure the connection between Sybase ASE and Password Manager Pro to be over an encrypted channel (SSL) or Non-SSL. If you choose SSL mode, do the following:

SSL Mode:

  1. Copy and save the trust root certificate of the Sybase server present under <sybase_home>\ASE-15_0\certificates (in sybase ASE 15.0) to <pmp_install_directoty>\conf\ folder.
  2. Run this command to import the certificate in Password Manager Pro: '<pmp_home>\jre\bin\keytool.exe -import -v -alias sybase -file <rootcert.txt> -keystore server.keystore -keypass passtrix -storepass passtrix -noprompt'.
  3. <rootcert.txt> is the root certificate of the Sybase ASE and usually named as <hostname>.txt.
  1. Restart Password Manager Pro server.
  2. Specify an administrator account of Sybase ASE.
  3. Click Save.

2.1.x LDAP Server

Prerequisite

At the time of adding a new LDAP resource to Password Manager Pro, you must specify a Distinguished Name for the LDAP server account.

Example: c=administrator, cn=people, dc=test, dc=com.

Steps to Configure Remote Password Reset for LDAP Server

As administrative privileges are required to carry out password reset for LDAP server, an administrator account has to be specified.

For remote reset, Password Manager Pro supports the following types of LDAP servers:

  • Microsoft Active Directory
  • OpenLDAP
  • Oracle Internet Directory
  • Novell eDirectory.

Follow the below steps to enable remote password reset for the aforementioned types of LDAP servers:

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset.
  2. Specify the type of the LDAP Server being added.
  3. Specify the LDAP server Port. By default, it occupies the port 389 (in SSL mode, default port is 636).
  4. Specify the connection mode - you can configure the connection between the LDAP server and Password Manager Pro to be over an encrypted channel (SSL) or Non-SSL. Except Microsoft Active Directory, for other LDAP servers, choose SSL or Non-SSL. If you choose SSL mode, do the following.

    Note: If the selected LDAP server is Microsoft Active Directory, the connection has to be through SSL only.

    SSL Mode:

    1. To enable the SSL mode, the LDAP server should be serving over SSL and you will have to import the LDAP server's root certificate into the Password Manager Pro server machine's certificate store. You need to import all the certificates that are present in the respective root certificate chain - that is the certificate of the Password Manager Pro server machine and intermediate certificates, if any.
    2. To import root certificate, open a command prompt and navigate to <PMP_SERVER_HOME>\bin directory and execute the following command:

      For Windows
      importCert.bat    <Absolute Path of certificate>

      For Linux
      importCert.sh    <Absolute Path of certificate>

  5. Restart Password Manager Pro server. Then continue with the following steps.
  6. Specify an administrator account of LDAP server.
  7. Click Save.

2.1.xi HP ProCurve Devices

For HP ProCurve Devices, Password Manager Pro requires Telnet or SSH service to be running in the resource. Specify the Manager Account and Manager Mode Prompt and Configuration Mode Prompt details for Password Manager Pro to login to the resource. Password Manager Pro will use the configuration mode to reset the passwords.

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset.
  2. Provide the following details:

i. Remote Login Method: Password Manager Pro supports SSH and TELNET protocols through which connection could be established with the device for password reset. Select the required protocol.

ii. Manager Account: Login account for establishing connection with the device. If the device is configured to prompt for the user name, then select the option Account name required for login. The account name associated will then be used with the user name prompt. If this option is unchecked, Password Manager Pro will expect only the password prompt.

iii. Manager Mode Prompt: The prompt that appears after successful login.

iv. Configuration Mode Prompt: This is for entering into privileged mode to perform password reset.

v. Copy Password Changes to the Startup Configuration: Select this option to apply the password changes made to the running configuration in Password Manager Pro to the startup configuration.

Note: Enabling the option to copy the running configuration to the startup configuration will cause the current configuration content, including those made outside of Password Manager Pro, to be copied immediately.

2.1.xii HP iLO

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset and enter the following details.

i. Remote Login Method: Password Manager Pro supports SSH and TELNET protocols by which connection could be established with the device for password reset. For this to work, Telnet or SSH service must be running in the resource.

ii. Enter the port: By default, SSH occupies the port 22.

iii. Specify the prompt: Enter the prompt that appears upon successful user login and also the user account with administrator privileges.


2.1.xiii Cisco Devices (IOS/CatOS/PIX)

Password Manager Pro requires Telnet or SSH service to be running in the resource. Passwords of the enable mode and a user account are required for Password Manager Pro to log into the resource. Password Manager Pro will use the configuration terminal mode to reset the passwords. Follow the below steps to enable remote password reset for Cisco devices:

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset and specify the following details.

i. Remote Login Method: Password Manager Pro supports SSH and TELNET protocols by which connection could be established with the device for password reset. Select the required protocol.

ii. Remote Login Account: Login account for establishing connection with the device.

iii. Account name required for login: For the user and enable modes, if the device is configured to prompt for the user name, then check on the option 'Account name required for login'. The account name associated will then be used with the user name prompt. If this option is unchecked, Password Manager Pro will expect only the password prompt.

iv. User Mode Prompt: The prompt that appears after successful login.

v. Enable Secret: This is for entering into privileged mode to perform password reset. If the remote login account has enough privileges to modify passwords, it is not necessary to specify Enable Secret.

vi. Enable Password: This is for entering into privileged mode to perform password reset. If the remote login account has enough privileges to modify passwords, it is not necessary to specify Enable Password.

vii. Enable Mode Prompt: This is the prompt that will appear after going into enable mode. For example, #.

viii. Configuration Mode Prompt: To carry out any change to any feature/configuration of the device, you need to enter configuration mode. The prompt that will appear while going into configuration mode has to be entered here. For example, # "Primary Credentials".

ix. Copy Password Changes to the Startup Configuration: Select this option to apply the password changes made to the running configuration in Password Manager Pro to the startup configuration.

Note: Enabling the option to copy the running configuration to the startup configuration will cause the current configuration content, including those made outside of Password Manager Pro, to be copied immediately.

2.1.xiv Juniper Netscreen Firewall Devices

Password Manager Pro requires Telnet or SSH service to be running in the resource. Admin Account and Prompt of Admin Account are required for Password Manager Pro to login to the resource. Follow the below steps to enable remote reset of passwords for Netscreen devices:

  1. Navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset and specify the following details.

i. Remote Login Method: Password Manager Pro supports SSH and TELNET protocols by which connection could be established with the device for password reset. Select the required protocol.

ii. Manager Account: Login account for establishing connection with the device. If the device is configured to prompt for the user name, then check on the option 'Account name required for login'. The corresponding account name will then be used with the user name prompt. If this option is unchecked, Password Manager Pro will expect only the password prompt.

iii. Manager Mode Prompt: The prompt that appears after successful login.


2.1.xv AWS IAM

  1. Password reset for AWS IAM user accounts is done using AWS SDK.
  2. Navigate to the Resources tab >> Resource Actions >> Configure Remote Password Reset. The administrator account's access key and secret key are required.
  3. The access key and secret key should have been added as passwords in Password Manager Pro. These passwords can be associated with an account of any resource type, which can be used for the remote synchronization.

2.1.xvi Google Apps

  1. Password reset for Google Apps is done using Google Data APIs.
  2. To enable the Password reset option for GApps, select an administrator account has so that it can be used to reset the passwords of other admin/user accounts.

2.1.xvii Microsoft Azure

Remote Password Reset using MS Online Module:
(This reset procedure is applicable prior to build 12230)

Prerequisites:

Password Reset for Microsoft Azure accounts is done using PowerShell so works only if PowerShell 2.0 and above. Also, the MSOnline module of PowerShell needs to be installed.

Installing Windows Azure AD Module for PowerShell:

Before configuring Microsoft Azure with Password Manager Pro, install the appropriate version of the Windows Azure AD Module for Windows PowerShell for your OS.

For 64-bit Systems

  1. Open PowerShell (Run as administrator).
  2. Execute the following command to install MSOnline module:
    • Install-Module MSOnline
  3. After installing the module, move the MSOnline folder from path C:\Program Files\WindowsPowerShell\Modules to  C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules.

Note: If you are unable to locate the MSOnline folder, execute the following command to find the path where the module is installed:

  • $env:PSModulePath -split ";"

Configuring Remote Password Reset:

For resetting the passwords of user accounts, select an administrator account to enable remote login.

  1. Navigate to Resources >> Resource Actions >> Configure Remote Password Reset.
  2. Select an Administrator Account and click Save.

Remote Password Reset using Azure Application:
(This reset procedure is applicable from build 12230)

Prerequisites:

To perform a remote password reset for Microsoft Azure resource from Password Manager Pro, you need a Microsoft Azure administrator account and an Azure enterprise application in the Microsoft Azure portal.

  1. Create an Azure enterprise application in the Microsoft Azure portal.
  2. Create a client secret for the created Azure enterprise application.
  3. Add the created Azure enterprise application as an Azure App resource in Password Manager Pro and the client secret as an account for the created resource.

Configuring Remote Password Reset for Microsoft Azure Resource:

Post performing the above prerequisites, do the steps that follow to perform the remote password reset for your Microsoft Azure resource from the Password Manager Pro interface:

  1. Click the Resource Actions dropdown menu beside the respective Microsoft Azure resource for which the remote password reset has to be made.
  2. In the dropdown that opens, click Configure Remote Password Reset.
  3. Now, in the pop-up that opens, select the administrator account of the Microsoft Azure portal in the Administrator Account field.
  4. On the Azure App Client Credential field, in the Select Resource dropdown, select the Azure enterprise application created in the Microsoft Azure portal and added to Password Manager Pro as an Azure App resource. In the Select Account dropdown, choose the client secret added as an account inside the Azure App resource.
  5. Now, click Save to perform the remote password reset.

2.1.xviii Rackspace

  1. Password Reset for Rackspace user accounts is done using Rackspace REST APIs.
  2. To carry out password resets, navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset. Here, a Rackspace administrative credential is required which has to be selected as the admin account.

    Note: The following are the location-based Authentication End Points available for connection to the server.

    US-based end point: https://identity.api.rackspacecloud.com/v2.0

    UK-based end point: https://lon.identity.api.rackspacecloud.com/v2.0


2.1.xix Salesforce

  1. Password reset for Salesforce user accounts is done using Force.com REST API.
  2. In order to proceed with the configuration, navigate to Resources tab >> Resource Actions >> Configure Remote Password Reset. The administrator account's Client ID and Client Secret are required.
  3. The Client ID and Client Secret should have been added as passwords in Password Manager Pro. These passwords can be associated with an account of any resource type, which can be used for remote synchronization.

2.2 Configuring Remote Password Reset for Resource Types in Bulk

To configure remote password reset in bulk for the supported resource types, follow the below steps:

  1. Navigate to the Resources tab and select the required resources.
  2. Go to Resource Actions >> Configure >> Remote Password Reset.

  3. In the Configure Remote Password Reset window that opens, all the available resources will be listed. Enter configuration settings individually and save changes. Click here for more details on how to configure password reset for each resource type.

3. Remote Password Reset via Agent Mode

If you have devices residing in a demilitarized zone (DMZ) or if you have multiple sites/networks protected by firewalls, then Password Manager Pro will not have direct connectivity to those target systems. In such cases, use the Password Manager Pro Agents to manage the passwords of those target systems. Password Manager Pro Agents operate using a one-way communication from the target system to the Password Manager Pro application server. Therefore, the ports do not have to be opened for inbound traffic in the target network. Only outbound access is required for the Password Manager Pro Agent to reach the Password Manager Pro login page (Default port: 7272).

To download the Password Manager Pro Agent, navigate to the Admin tab >>  PMP Agents. There are 64-bit and 32-bit agents for Windows, Windows Domain, and Linux. Among this, the Windows Domain Agent needs to be deployed in a DMZ domain controller.

Click here for more on Password Manager Pro Agents.

Top