Hi Gavin,
Thanks for the forum post.
In
PMP, we manage the accounts based on the account type. If you are
trying to manage Domain accounts the resource type should be
WindowsDomain here you will add your domain controller details.
Domain controller details have to manually added. For managing the
local accounts of domain member servers, the resource type will be
windows. This resource can be added manually or you can use the
import from domain option which is available in the Resources Tab
-> More actions. So, based on the account you are trying to
manage the resource has to be created in PMP.
However, we do have an option to associate a domain
account to member servers and login using those credentials. So,
you need not add the domain account in each member server. Since,
you are only associating the domain account to the member server
whenever you reset the password of a domain account the member
server will automatically take the new passwords and you need not
update them on each member server resource.
In
order to associate the domain account, if you edit any one of the
windows resource, you will able to see the domain controller in
Configure Auto Logon Helper option. Now, you can select one domain
account using which you can login to windows server. Also, you
should share this domain account alone(not the complete resource)
to the domain user so that he can use his domain credentials to
login to the windows server.
Additionally, if you are using 7103 or above version
there is provision to launch a direct RDP connection with target
resources using any domain account that is owned by / shared to
the user. In addition, users can opt to use the currently logged
in AD account too to connect with the remote resource.
The
details of configuring the same is available below.
Local Accounts(Domain Member servers)
You can then follow below mentioned steps to manage
Local account password using PMP on the Domain member servers.
- Add the end machine with resource type "Windows" and supply the FQDN/IP address in the DNS name field.
- Edit the Windows resource and make sure "supply credentials" is unchecked.
- Stop the PMP service.
- Navigate to services console. Right Click Password manager pro service and select properties.
- Switch to the Logon Tab at the top. Change the Local system account to "This Account".
- Change the Local system account to "This Account". Create a dedicated account which has the privilege to perform Password reset and verification and supply this account for the PMP service.
- Then start the PMP service. Now try to a reset and verify the passwords .
(Or)
Run the PMP service with a privilege domain account
and then, you can use the import from domain under resources
tab -> More actions which will automatically import all
the domain member server along with local accounts present
in it.
Domain Accounts
For managing the Domain account password the
resource type is "Windows Domain" and you can
follow below mentioned steps to manage domain account
password using PMP.
- Add the Domain controller with the resource type as "Windows Domain"
- Edit the Windows Domain resources and supply the FQDN/IP address in the DNS Name field and the Domain name in the "Domain Name" field.
- Add an domain admin account which can perform password reset on other account under this resource.
- In the supply credentials, make sure that domain admin account is selected.
- Then try performing the password reset and verification.
- Also, you can run the PMP service with a dedicated domain account which has the privilege to perform password reset and verification.
Hope this helps you. Feel free to write to us
if you have any other questions.
Thanks & Regards,
Chris
[Technical Consultant | Password Manager Pro]
![]()
Chris
[Technical Consultant | Password Manager Pro]
