Self Service Password Reset has a flexible configuration. You must choose what works best for you in your environment to properly configure it. Self Service Password Reset requires a location to install the application, a back-end user store, and a location to store the users’ information such as the challenge-response information. Self Service Password Reset provides many different options for these main components. You must decide which components you want to use before installing Self Service Password Reset.
Answer the following questions to select the appropriate configuration for your environment.
There are two different versions of Self Service Password Reset: a full version and a trial version. The trial is only for testing purposes.For more information, see Obtaining Self Service Password Reset.
Select where and what platform you want to use to install Self Service Password Reset. The supported locations and platforms are:
On-Premise: You can install and deploy Self Service Password Reset on-premise in your own IT environment. The support platforms for on-premise are:
Virtual: You can deploy the Self Service Password Reset appliance in Hyper-V or VMware.
Linux: You can deploy the Self Service Password Reset WAR file on SUSE Linux Enterprise Server or Red Hat Enterprise Linux.
Microsoft Windows Server: You can install Self Service Password Reset with the .msi file on a Microsoft Windows Server.
In the Cloud: You can deploy Self Service Password Reset in the following Cloud environments:
Amazon Web Service: You can deploy the Self Service Password Reset WAR file on SUSE Linux Enterprise Server.
Microsoft Azure Marketplace Platform: You can deploy the Self Service Password Reset .msi file on a Windows Server 2016 running in Azure.
Self Service Password Reset can manage users’ credentials as long the information is in an LDAP directory. Select the LDAP directory that contains the users account that Self Service Password Reset will manage. The supported LDAP directories are:
Active Directory
eDirectory
NOTE:eDirectory is currently not supported on the Amazon Web Server or in Microsoft Azure Marketplace.
Oracle Directory Server and use an Oracle database to store the users’ challenge-response information
For more information, see Installing Self Service Password Reset.
Self Service Password Reset must have access to either a database or an LDAP directory to stores the user’s information such as the challenge-response information. Select the location where you want to save the users’ information:
Local Database: Self Service Password Reset contains a local database you can use to store the users’ challenge-responses information.
WARNING:Do not use the local database in a production environment as there are no methods to make the local database storage redundant, nor are there optimal backup methods available for the local database.
External Database: Best practice is to use an external database to store the users challenge-response information. The external database provides the ability to cluster to the database and easily backup the database. The supported databases are Microsoft SQL Server, PostgreSQL, and Oracle database. For more information, see Installing Self Service Password Reset.
IMPORTANT:You must have an empty database created to install Self Service Password Reset with the external database. The installers create the appropriate tables and schema for the database that you choose to use.
LDAP: You can securely store the users challenge-responses in the following LDAP directories:
Active Directory: If you choose to use Active Directory, it must be the same Active Directory domain where your users’ accounts reside.
eDirectory: If you choose to eDirectory, it must be the same eDirectory tree that contains your users’ accounts.
NOTE:eDirectory is currently not supported on the Amazon Web Server or in Microsoft Azure Marketplace.platforms.
eDirectory with NMAS You can securely store the users challenge-responses in eDirectory using NMAS. Self Service Password Reset can read password and challenge policies from eDirectory. After saving a user’s challenge-response answers, Self Service Password Reset can optionally write the challenge-response answers to the NMAS challenge-response format in addition to the configured methods. This enables interoperability of Self Service Password Reset with other products.
For more information, see Installing Self Service Password Reset.