Previous Next PDF

swipe to navigate

How do I reset the superuser application ID's password?

In the event that the Hitachi ID Password Manager administrator forgets his own application password into Password Manager, Password Manager comes with the ADM_SET utility that allows a user with an administrative console login on the Password Manager server to reset the Password Manager application administrator password. This program can also be used to unlock/enable a superuser ID. ADM_SET is only accessible from an administrative command prompt on the Password Manager server.

Where does Password Manager store Q&A data?

Password Manager normally stores security questions, used to authenticate users who forget their passwords, in its internal database. The questions and answers are encrypted using 256-bit AES using a secret key. Alternatively, Password Manager can be tied to an external repository (e.g., LDAP, AD, Oracle, etc.) where it reads and writes encrypted or hashed security question data and possibly login IDs.

How do I write reports that directly query the Password Manager database?

There are three options to support custom reports in Password Manager:

  1. There are over 180+ built-in reports. Most of these accept many search parameters and options, producing totally different output depending on how they are run. The first and best choice is always to try to find a built-in report that already performs the required analysis.
  2. The Password Manager database is a normalized SQL database, whose structure is well documented (customers are entitled to full schema documentation in a PDF). Any off-the-shelf reporting/analytics tool, such as Crystal or Cognos, can be applied to the database to build custom analytics.
  3. Custom reports can be added to the list of "built in" reports accessible via the Password Manager UI. These are written as short Python scripts, where one part specifies search parameters that the report will accept and a second part runs the appropriate SQL statements to retrieve data from the database, using the user-specified parameters as arguments.

    Custom reports added to the system in this way have all the same features as built-in reports: they can be scheduled, they can deliver output via e-mail or filesystem, they can drive automated requests, they can generate HTML, CSV or PDF output, etc.

Previous Next PDF