• Better than AD – Adopt more secure data access policies beyond the control offered natively in Active Directory. Increase security by eliminating help desk errors, reduce the need for users to write down their passwords and make password guessing and break-ins more difficult.
• Seamless Integration with Windows – Serve users from multiple domains, with or without trusts. Strong data encryption and secure communication are provided through support for leading technologies such as 3DES, MD5, SSL and Microsoft’s CryptoAPI.
• Do It Yourself – Empower users to handle basic password tasks on their own to reduce help desk costs and realize a fast ROI.
• Enroll it! – Ensure that users enroll in and use self-service when they need to change passwords, reset forgotten ones or unlock their accounts — eliminating the need for users to continue making expensive support calls.
• Your Policy Your Way – Accommodate the entire range of security policies, and ensure that passwords conform to requirements — per group or organizational unit — for length, composition, history and lockout well beyond that provided natively by Active Directory (AD).
• Making Help Desk’s Life Easier – Provide administrators with robust logging and reporting features, making it easy to monitor password management activity and correct abnormalities.
• Enterprise-wide Password Management – Extend AD-based password management to non-Microsoft operating systems, such as Unix and Linux, through Quest Authentication Services; the addition of two-factor authentication through Quest Defender; integration with an enterprise-wide single sign-on initiative through integration with Quest Enterprise Single Sign-on; and enterprise-wide password synchronization with Quest One Quick Connect. Password Manager will support your larger IAM initiatives and enterprise-wide password management needs.
• Phone-based Authentication (Add-on) – Increase security and validate the identity of the user by adding phone-based authentication. With phone-based authentication, users will receive an automated SMS or call to the phone number on record with a one-time PIN code. The PIN code will then be entered on the self-service site to authenticate before performing password management tasks.

System Requirements

This section provides system requirements for installing and running Quest One Password Manager and its components.

Password Manager Service and Administration Site System Requirements

Before installing Quest One Password Manager, ensure your system meets the following minimum hardware and software requirements:

Quest One Password Manager works with Windows 2000, Windows 2003, and Windows 2008 domains, including domains operating in a mixed mode.

Self-Service and Helpdesk Sites System Requirements

Ensure that each of the client computers meets the following minimum software requirements:

Password Policy Manager System Requirements

To be able to implement password policies in an Active Directory domain managed by Password Manager, you must deploy the Quest One Password Policy Manager component on all domain controllers in the managed domain.

The domain controllers where you plan to install a 32-bit or 64-bit version of Quest One Password Policy Manager component must meet the following requirements:

Secure Password Extension System Requirements

To allow password resets from the Windows logon screen, you must deploy Quest One Secure Password Extension on all target computers in a managed domain. The target computers must meet the following minimum software requirements:

Password Manager Reports System Requirements

To be able to use Password Manager reports, you must install SQL Server and then configure reporting settings on the Password Manager Administration site.

Quest One Password Manager supports integration with the following products:

• Quest Defender 5.7
• Quest One Quick Connect 5.1
• Quest One ActiveRoles Web Interface 6.8
• Quest Enterprise Single Sign-On 8.0.2 or later