Interactive Installation

To install the Desktop Password Reset, perform the following:

  1. Extract DesktopPwdReset_x.x.x.zip to a directory.

  2. (Optional) To set a custom icon for the Desktop Password Reset tile on the Windows Logon screen, save an image file to the appropriate location below. The file must be a bitmap (.bmp) file named PMIcon.bmp.

    • (For 32-bit): pathOfDesktopPasswordReset\x86\

    • (For 64-bit): pathOfDesktopPasswordReset\x64\

  3. Depending on the operating system, navigate to the appropriate directory below and run setup.exe:

    • (For 32-bit): pathOfDesktopPasswordReset\x86\setup.exe

    • (For 64-bit): pathOfDesktopPasswordReset\x64\setup.exe

    Where pathOfDesktopPasswordReset is the directory to which the DesktopPwdReset_x.x.x.zip file was extracted.

  4. On the Welcome dialog box, select Next to continue the installation.

  5. On the License Agreement dialog box, select I Agree and select Next.

  6. Select the directory for the installation and select Next.

  7. Enter the following configuration parameters on the Configuration Options dialog box and select Next:

    Key Name: URL

      Description:

        Specify the product-specific URL accessible from the Desktop Password Reset restricted browser.

        Specific requirements for IdentityIQ are described under Values.

        Ensure that this URL (host) is added as a Trusted Site through Internet Properties > Security tab > Trusted Sites [Sites].

        Note
        For better security posture, DPR supports accessing only HTTPS URLs.

      Values:

        <Server URL>

        For example: https://<server>:<port>/identityiq/desktopreset

        In this URL the variables have the following values:

        • <server> - FQDN or IP address of the computer where IdentityIQ is installed.

        • <port> - HTTPS port number on which IdentityIQ Services are deployed.

        To configure the IdentityIQ Forgot Password/Unlock Account feature with Desktop Password Reset, turn on PassThrough authentication, Enable Forgot Password, and Enable Account Unlock in IdentityIQ. Each user must also configure challenges/responses for their individual account.

    Key Name: Link Text on Logon Screen

      Description:

        Text for the link that appears on the Windows Logon screen. This link launches the Desktop Password Reset Restricted Browser. (Maximum length: 1024)

      Values:

        Forgot Password?

    Key Name: Language Options

      Description:

        Specify the languages supported by the password management solution. The restricted browser sets its language according to the user's selection, as long as that language is configured.

        The value must be in the following format:

        languageName, languageCode;

        where:

        • languageName is the name of the language to display to the user in the Restricted Browser.

        • languageCode is the code of the language. Refer to Available languages for Windows to get the codes of different languages.

        For example: English(US), en-US;French(Canada), fr-CA;

        Separate the language name and language code with a comma (,). End each language setting with a semicolon (;).

      Values:

        Default value: English(US),en-US;

  8. (Optional) If required, select the following options on the Configuration dialog box:

    Key Name: Unblock AltGr Key

      Description:

        Indicates if the AltGr key is unblocked. Possible values are Y and N.

        N - AltGr key is blocked.

        Y - AltGr key is unblocked.

      Values:

        Default value: N

  9. (Optional) Enable Deploy Configuration Utility if the configuration utility needs to be installed.

    The product has a built-in application called the Configuration Utility, which is used to customize and configure the product settings. You can choose to install this application along with the product. Alternatively, you can configure the product settings during installation or distribute the configurations remotely as described in the Remote Installation section.

  10. Select Next to proceed.

    The screen displays the Confirm Installation page. Select Next.

  11. In the Installation Complete dialog, select Close to exit.

  12. If the Certificate Authority (CA) for the certificate securing your SailPoint instance is not already trusted, follow the process outlined below:

    1. Obtain the SSL certificate of your SailPoint instance in the desired format. This can be done in the following ways:

      • Select the Secure button (a padlock) in an address bar.

      • Use the s_client OpenSSL command.

        For example:

        echo | openssl s_client -servername example.sailpoint.com -connect example.sailpoint.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /Documents/certificate.crt

    2. Import the certificate into the Windows trust store (Trusted Root Certification Authorities).
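
The step 7 values (URL, Link Text on Logon Screen, Language Options) can be checked against the documented rules before they are entered in the Configuration Options dialog box or distributed for a remote installation. The following is an added example, not SailPoint's code; the function names, the language-code pattern and the sample host iiq.example.com are assumptions.

```python
import re
from urllib.parse import urlsplit

MAX_LINK_TEXT = 1024  # maximum link-text length stated in step 7
# Assumption: language codes look like en-US or fr-CA (letters, optional subtags).
LANG_CODE = re.compile(r"^[A-Za-z]{2,3}(-[A-Za-z0-9]{2,8})*$")


def parse_language_options(value):
    """Split 'name, code;name, code;' into (name, code) pairs; raise ValueError if malformed."""
    if not value.endswith(";"):
        raise ValueError("each language setting must end with ';'")
    pairs = []
    for entry in value[:-1].split(";"):
        # The code is whatever follows the last comma, so a name may contain commas.
        name, sep, code = entry.rpartition(",")
        name, code = name.strip(), code.strip()
        if not sep or not name:
            raise ValueError(f"expected 'languageName, languageCode' in {entry!r}")
        if not LANG_CODE.match(code):
            raise ValueError(f"unexpected language code {code!r}")
        pairs.append((name, code))
    return pairs


def check_settings(url, link_text, languages):
    """Return a list of problems; an empty list means the values fit the documented rules."""
    problems = []
    try:
        parts = urlsplit(url)
        if parts.scheme.lower() != "https":
            problems.append("URL must use https (DPR accesses only HTTPS URLs)")
        if not parts.hostname:
            problems.append("URL has no host to add to Trusted Sites")
    except ValueError as exc:
        problems.append(f"URL is malformed: {exc}")
    if len(link_text) > MAX_LINK_TEXT:
        problems.append(f"link text exceeds {MAX_LINK_TEXT} characters")
    try:
        parse_language_options(languages)
    except ValueError as exc:
        problems.append(f"language options: {exc}")
    return problems


if __name__ == "__main__":
    # Constructed sample values; the host name is a placeholder.
    print(check_settings("https://iiq.example.com:8443/identityiq/desktopreset",
                         "Forgot Password?", "English(US), en-US;French(Canada), fr-CA;"))
    print(check_settings("http://iiq.example.com/identityiq/desktopreset",
                         "Forgot Password?", "English(US) en-US"))
```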