import LAPS passwords to PMP
We are in the process of implementing PMP in our organisation. We use Microsoft LAPS (Local Administrator Password Solution) to manage the local administrator accounts of all workstations and servers. LAPS will reset the Local Admin account password in a scheduled time to a random password and store it on AD (this is done by Group Policy). However, LAPS does not offer the option to keep password history, we would like to see if it is possible for PMP to import the password from the AD account attributes
Manage IIS .NET Users
I am trying to figure out if one of the Manage Engine products will manage .NET Users' accounts. Essentially we would like to have this product create new accounts and in turn notify the users when their password is expiring and / or allow them to change the password through the tool. It would be a huge bonus if we could use the tool for single sign on to the web application also. Currently we have a web based app on IIS 7.5. We have 250 users on the site but all of those are currently being created
Password Violations
PROBLEM: There is no way of setting password policy on individual user accounts in bulk based on a resource group as can be done for password resets. Here's the ISSUE: 1. I auto import all servers ( say 100 servers ) in the domain ( each server has admin1, admin2 and guest accounts ) 2. The servers are automatically assigned to a dynamic criteria based Resource Group that includes user account = admin2 as one of the criteria Password Policy is set to password < 30 days and 4-20 chrs with special
getMasterInfo & getSlaveHost pmp0.txt log
Hello, Can someone explain what getMasterInfo and getSlaveHost commands are for? I see Info errors for these two commands in pmp0.txt log very often. I looked in the directory and did notice the Primary.conf file is missing. Is that conf file needed and what is it for? [com.adventnet.passtrix.client.util.ClientUtil]|[INFO]|[17]: getMasterInfo - conf file does not exists ..\pgsql\bin\Primary.conf| [com.adventnet.passtrix.client.util.ClientUtil]|[INFO]|[70]: getSlaveHost - conf file does not exists
PMP Enterprise - Dual import / can no longer delete resources.
Product : ManageEngine Password Manager Pro Version : 8.3.0 Build Number : 8300 Our Enterprise installation of PMP has been running fine for some time. However, beginning just recently we can no longer delete resources. On top of that, during a recent import task, PMP imported the resources twice, so we have double listings for 100+ resources. We actually had to bring down our active instance because the CPU was pegged by postgres attempting to delete the resources. When I trigger a deletion request,
Field for generic notes
Hi All, Is there a way to add notes to an resource ala the notes field as with a user account under Account Attributes? It is possible to add an extra Resource attribute field, but that is only 1 line and will not satisfy. An other option what is acceptable is to create a new resource type with only a notes field. But what I see is that the minimum Resource Attributes are: Resource Name, DNS Name / IP Address and for Account Attributes: User Account and Password. Any suggestion? Greetz, Gerard.
In-place upgrades
Is there any way to perform an in-place upgrade of Password Manager Pro? For production environments that have integrated automatic credential retrieval at runtime, or at start of service(s), the ability to perform zero-downtime upgrades is crucial.
Upgrade path for tomcat and java?
Based on information from my cybersecurity department, the version of tomcat that PMP uses is 3 major revisions behind and has nearly 40 published vulnerabilities. Also the version of java is out of date. Is there a recommended update path for tomcat and java?
Default 'Guest' account - PMP
I am trying to upgrade from 8303 to 8400. With the new requirements it is asking us to change the default PMP 'guest' password. I go into Admins > Users: guest account, and there is no way to change the password. How can I change the password to meet the new requirements?
Troubleshoot Auto Logon Issues failed
Please help, it will show "The connection has timed out" after loading.
Regarding vulnerabilities disclosed in seclists.org
Hi, This is with reference to the security vulnerabilities in Password Manager Pro disclosed by security researcher Sebastian Perez in seclists.org on 4 April, 2016. The vulnerabilities were largely addressed in PMP builds 8300 and 8303 and if you are using PMP versions 8303 and later (released in Dec 2015), no action required from your end. If you are using versions 8302 or earlier, you need to upgrade to 8303 or to the latest version 8402. Here are some background details: Security researcher
API: Delete Account from Resource
Reading over https://www.manageengine.com/products/passwordmanagerpro/help/restapi.html - there is no documented call to delete an account from a resource, only delete the entire resource. Is there a way to handle this? Thank you.
Bulk edit passwords for different user accounts at once
Good day, I'm currently using the Enterprise version of Password Manager Pro. I have added several resources, with 2 user accounts per resource. These user accounts represent our admin logins and user logins respectively. Currently, I can filter my resources using Resource Groups, checking them and choosing More Actions > Perform Password Reset. I activate the second radio button, which lets me indicate a custom password for all user accounts. But I want different passwords for each of the 2 user
How can I schedule Service Account Discovery?
How can I schedule Service Account Discovery? Thanks Cris
Are service accounts running tasks
I need to know if service accounts are running tasks. Can I run a script to generate this info? Thanks Cris
PMP - Service Account Details Report
A Service Account Details Report would provide a great benefit to plan changes to service accounts. Thanks Cris
RDP'ing on to PMP Server - No system tray icon for some admins
Hi, We're in the process of spreading the PMP knowledge around a couple of the members of our team. To this end, one of the "students" was tasked with following the service pack installation procedure on our PMP server. The problem is, when they RDP on to the server, they are unable to see the PMP icon in the system tray. When the the other students RDP on, they can't see it either, which means we can't carry out the work independently. The system owner (the guy who installed it in the first
Using bookmarklet with PMP server alias
Dear Sirs I have PMP 8401 and PGsql. I set up some web resources, and I want to make the bookmarklet work. My server address is: pmp-server Since we use DNS aliasing, I want the address to be reached as passwordmanager.domain.com The bookmarklet works when I connect to the PMP server using https://pmp-server:7272 , I click on the web resources and I click on the bookmarklet once the web resources displays the login form. This way, username and password fields are correctly filled. When I connect
how to reconfigure a new secondary server in HA
Good morning to everybody. I have to change my secondary server in HA, I try to stop the primiry server, e follow the procedure to install the HA on the new secondary server. I copy the HApack and the secondary server and uncompress it replacing every files, import the certificate of the secondary on the primary, and start every server. But on the HA Page remains the old Secondary server, do you have any solution to solve it? thank you very much Marco
Link in Workflow emails incorrect
I've configured a workflow on a resource and whilst PMP sends the email the embedded link in the email is incorrect and has to be manually corrected in the browser. How can I correct this? https://clan8blog.wordpress.com/
Resource Group Wildcards
I am trying to create resource groups based on the 5th character of a resource name. The _ character seems to work as a wildcard but it matches any number of characters. Is there a single character wildcard?
Specific use case for PMP Premium Edition?
I'd like someone to comment/confirm that PMP Premium Edition can meet the following use case/requirements: Environment: I have multiple internet-facing Linux-based SFTP file transfer servers that are accessed by multiple external companies (per SFTP server) that push and/or pull files securely. I do not wish to have Linux admins manage the SFTP server accounts & passwords, I want to have a web-based system for these functions. Absolute separation of these external companies' SFTP server access (and
Anyway to update the copyright?
On the login page the copyright is 2009 "© 2009 ZOHO Corp., All rights reserved." and in a few other spots on the site. Is there anyway this can be updated to 2016? Users don't want to see a copyright that old. If there's a way to do it myself I'm fine with doing that as long as future release have this update, just let me know which file to hack (saw it a few files that had it but I figured it'd be best to change it at the origin).
Mouse pointing issue at RDP session
We are connecting to windows server used auto login feature. We are facing problem to work with mouse. Mouse pointer is pointing to one location but selecting location is down. Mouse pointing issue at RDP session. Most of the time we are facing such issue. Please guide us to resolved this issue. Regards Ruhul
API user account creation and deletion via the API
The ability to add and delete users via the RESTful API, or by way of SSH would allow for more programmatic uses. Currently, this function can only be performed via the interface. It would also be a huge value add to be able to retrieve an API user's auth-token via the API as well.
Personal passwords
Hi, We are using the standard edition and previously, a few years I guess, we used to have a personal link on the top-navigation bar where we could store our personal passwords. This wasn't really used that much but I do remember setting up an encryption key and possibly saving a password or two in there. We are now reviewing how we use PMP and are keen to begin using the personal passwords feature. Can you advise what I can do to bring back the personal link? Under General Settings > Personal
Password Change Error
We recently updated our Password Manager Pro installation from 8101 to version 8.3.0, build number 8303. We have users that are set up to be able to change the passwords of certain resources. However since the update they have been unable to do so and just receive the below 'Unauthorized Access' error message. The administrator users are still able to update the passwords for these accounts. Is this issue a known problem, and how do we fix this? Is this addressed in the latest updates (8400,8401)?
PMP with IBM I Series (AS/400)
I am trying out the PMP application, and need to manage my IBM I (AS/400) accounts; however, I am having a bit of trouble. I can use the built in SSH portal, and connect without issues, but if I try a password change, or verification, it fails. The error when changing passwords is: Connection refused:Connect. Have anyone tried this setup before, and were you successful? If so, I would appreciate some assistance.
Upgrade Pack 7100 to 7500
We are currently seeing issue with this upgrade path. System Info: ------------------- Linux - CentOS 6.7 (64bit) 2 CPU 4GB Memory 25GB Disk space. We are performing the upgrade from the command line (No GUI available) Things done so far: upgraded Java from 1.6 to 1.7 using PMP instructions. Performed a soft link redirection for libDiskspace.so updatemanager.sh was trying to use the 32 bit version. We moved that to .NOLOAD then soft linked the 64bit version to where the 32 bit was. This allowed the
Password Manager Pro SAML with ADFS
Team Do you have any documentation to configure the SAML for PMP with ADFS for AD imported user accounts. I tired setting up the relay party but was not successful at all. I was not able to find the logs related to SAML for me to check and resolve the issue. Please help. Regards Riyaz Hussain
Adding members of a security group to a user group
Is there any programmatic way to add members of an Active Directory security group to a user group in PMP? I know this can be done manually, but in order to satisfy my use case, I need this to be automated.
Setting passwords on LINUX servers failure - Agent Not Installed
I am running Linux Servers RHEL 5 For each server, there is a login user (pmpuser) and of course root. I can verify both are pmpuser and root are in sync with no issues from the PMP WEB GUI. When I try an SSH connection from the SSH tool , it works In Linux, I can see the pmpuser logging into the server from /var/log/secure when verifying the passwords are in sync The issue now is with changing the passwords. Regardless of the su or sudo setting the password change fails with the message below:
8.3 - Adding Resource Group - Specifying a Criteria
Can anybody else ever get a criteria to actually display a match when adding a Resource Group? No matter what criteria I put in, no matter the option, I never see a match displayed when hitting search or even if I hit Save, start a scheduled password reset and click View Applicable Resources. I have tried IE and Chrome and Firefox.
SMTP Server Details
When am trying to test the server it shows me this " enable to connected to the SMTP " plz help me out
PMP behind reverse proxy
Hi All, Is it possible to configure an source IP check in Password Manager Pro? I would like PMP available behind an reverse proxy and allow only that source IP address from my reverse proxy to get access to PMP. Best regards, Gerard.
API keystore file retrieval
Hi, Is it possible to retrieve a keystore file from PMP using the REST API, XML-RPC or both? It is not supported from the SSH API. I tried the REST API but did not get an encoded file or anything like that. I would have expected a hex string.
Checking password integrity of MS SQL Server accounts
Hi, I've a few SQL Authentication accounts which I want to perform a password integrity/verify password on. Is there a particular way the resource needs to be set up to support this functionality? I assume the 'DNS Name' or 'Resource URL' comes into play? Does the formatting need to change for Default vs Named SQL Instances? Any assistance you can provide is greatly appreciated.
What characters should be disallowed in passwords?
I have confirmed that a double quote " should never be used in a password in PMP, if you plan on having PMP rotate a password. This is because PMP calls some scripts (powershell or VBS) and since the double quote is not properly escaped, it truncates the command in the script and fouls everything up. I suspect single quote ' also does the same. So I have excluded these in my password policy. BUG ALERT: if you put in double quote " into the Characters Not Allowed field in a Password Policy, it will
auto login to vcenter web client 5.5/6 posting user/pass
hi all i want to configure Vcenter Web Client as a web resource inside PMP but cannot find the correct url to match and post user/pass to SSO Server or Vcenter server itself. is there any workaround for this ?
Auto Logon Helper script for xterm
Hi Guys, Please guide me, How to configure xterm, it's possible I can recored the session ? In my-case I have starting my application via FreeNX, How to keep track what the changes made users.
Next Page