Introduction and Quest Password Manager Installation
Quest Password Manager (QPM) is a piece of software that provides a simple, secure, self-service solution that enables end users to reset forgotten passwords and unlock their accounts. In this guide we will cover the integration possibilities of Quest Password Manager with the K1000 Systems Management Appliance.
Due to the customizable nature of the K1000 appliance we can embed a link to the password manager interface in the User Portal welcome page. We can also create a fully automated service-desk queue to which users can send an email and get an auto-reply with instructions to reset their password.
I will not go into great detail about the installation and setup of Quest Password Manager here. Quest already has many wonderful guides that outline the installation. The Administrator Guide can be downloaded here. The User Guide can be downloaded here.
Install the application and then configure in accordance with your specific needs.
You will need to create a DNS record for the password management website so it can be resolved within your network. Consult your network administrator if you need this to be available outside your network as well. For this guide I have created an A record called “passwordreset” pointed to the IP of my Quest Password Manager server. My password manager is running as the default website on my webserver.
Ensure that, after setup, you are able to access the QPM website from another system on the network.
Once it can be accessed correctly by its web address we can begin the integration steps with the K1000.
K1000 User Portal Integration
The main point of integration of Password Manager and the K1000 is to very simply put a link on the User Portal Welcome Screen of the K1000. The user portal text can be customized by going to Settings > General Settings. Towards the middle of the page you should see User Portal Setting.
Here in the “Portal Text” section you can customize the way your portal looks. It accepts HTML or Plain Text. I use HTML here because it gives me a lot more control over how the portal looks. If you are not familiar with writing HTML you can use any WYSIWYG HTML editors available online. I, personally, used the one at http://www.quackit.com/html/online-html-editor/ . It had all the features I needed to create my user portal.
Create the layout you wish to have in the HTML editor, export the HTML and paste it in the “portal text” section of the K1000 settings shown above.
Here is an example of a user portal with the link embedded:
You may also choose to customize the QPM portal with your company’s logo and make the color gradient match the K1000 so that the end users have a more seamless experience.
Here is an example of a slightly customized QPM portal:
You can tweak the look to your liking in the general settings of the QPM administration portal.
K1000 Password Reset Helpdesk Queue
You can also create a customized helpdesk queue to auto-send instructions to reset your password using QPM. This queue can be automated to require no admin interaction. This will be a very minimal queue. Configure your queue fields and layout like the following images.
No changes to the custom fields are needed. Layout can be adjusted to your liking.
Save the changes and return to the main queue page. Once there you will want to configure the ticket defaults and email on event alerts. Configure as shown and save.
The next thing we will want to do is customize the email instructions that will be sent to the end user. Click on the [Customize Emails] link. We will be editing the text in the Email Ticket Creation Acknowledgement section.
Example Text:
------------------------------------------------------------
$helpdesk_name created a ticket in response to your email to $helpdesk_email.
To reset your password please click the link below and follow the instructions given.
https://passwordreset.whitman.com/qpmuser
This ticket will automatically close in 1 hour. If you are not able to reset your password in this manner please submit a ticket to the main IT helpdesk at helpdesk@whitman.com
Thank you.
------------------------------------------------------------
This email will be sent to the end user when a ticket is created via email to the password reset queue.
To close the tickets automatically after an hour we will utilize a custom ticket rule. Create a new ticket rule and just click next through the wizard. We will replace the information in the rule with the table below.
Frequency: |
Hourly |
Select Query: |
|
Query result by email: |
Do not use |
Comments In Ticket: |
Auto-closed by system. If you need further assistance please submit a ticket to the main IT helpdesk. |
Send Email for |
Do not use |
Update Query: |
Any ticket that is open longer than 1 hour will now close when this ticket rule runs each hour.
Conclusion
With the installation of Quest Password Manager and the K1000 integration steps taken above you now have an automated password reset tool that will free up precious time for the IT staff to tackle other pressing issues.
Resources
K1000 Helpdesk Guide: http://www.kace.com/support/resources/~/media/Files/Support/Documentation/K1000/v54/K1000-Service-Desk-v54.ashx
K1000 Admin Guide: http://www.kace.com/support/resources/~/media/Files/Support/Documentation/K1000/v54/K1000-Admin-Guide-v54.ashx.
Quest Password Manager Homepage: http://www.quest.com/password-manager/
Online WYSIWYG HTML Editor: http://www.quackit.com/html/online-html-editor/
Comments