Active Directory domain that they must register with Password Self-Service or have to update their invalid Questions and Answers profiles. You can also specify whether unregistered users must complete the registration procedure before being able to log on to the network. Password Self-Service provides the following mechanisms to implement registration notification and
enforcement:
Registration Notification. Configure a notification schedule to send e-mail notifications to those users who have not yet registered with Password Self-Service. To configure a notification schedule, see the procedure outlined later in this section. Users also will be notified to register with Password Self-Service through a balloon briefly displayed from an icon in the notification area at specified intervals. You can configure the scope of users you want to be notified. This method also defines whether users may receive notifications, provided that registration notification is enabled.
Registration Enforcement. Define whether users who have notregistered with Password Self-Service, or have invalid Questions and Answers profiles, must create or update their Q&A profiles before they can log on to the network.
Note: Registration enforcement can be configured only for pre-Windows Vista operating systems, and is enabled through Group Policy by properly configuring Secure Password Extension.
To enable registration notification, you must configure notification schedule. The step-by-step instruction on how to configure notification schedule is outlined later in this section. Once you configure a notification schedule, all users in the managed domain start to receive notifications that require the users to register with Password Self-Service.
You can also configure a notification message to be displayed on users' computers through a balloon briefly displayed from an icon in the notification area. This notification is turned on through Group Policy by properly
configuring Secure Password Extension.
By default, when you enable registration notification, all users in a managed domain will receive registration notifications through notification balloons and e-mail messages. However, you can define a list of users you do not want to be prompted to register with Password Manager, or specify an explicit list of notification recipients.
To configure notification schedule
Specify an outgoing mail server (SMTP). For more information, see
Configuring Outgoing Mail Server Settings.
1. On the home page of the Administration site, click the Managed
Domains box.
2. On the Configure Managed Domains page, click the domain you want
to manage.
3. On the General tab, click User registration schedule.
4. Under User registration schedule, specify the following options, and
then click Save
option description
Force users to register with Password Self-Service
Select this check box to configure the registration enforcement options. Apply immediately Forces all users to immediately register
with Password Self-Service.
Use this option with caution when the number of users managed by Password Self-Service is large. Immediate
enforcement of a large number of users may drastically decrease the performance of your production environment.
Schedule enforcement Requires users to register within specific number of days after they are scheduled to register.
Once forced to register, user
must register within <%> days Specify the deadline within which user must register with Password Self-Service after the first registration notification. If users do not register within the deadline, they cannot log on to the system. Start notifying users <%> days
before registration term Select this check box to remind those users who already received the first registration notification but have not registered with Password Self-Service of the necessity to complete the registration procedure. Such users will receive a notification every day during the specified number of days before the registration term.
Notify users by e-mail Select this option, if you want to have uses notified using e-mail.
By clicking Specify notification
language(s) you can specify the language
to use for sending notifications. Schedule to force to register the
following number of users: Set the daily number of new users who will be first notified to register. The total number of daily notified users will be incremented by the value that you set. Use this option to reduce server load and enhance performance.
option description Notify users using Secure
Password Extension If you select this check box, when attempting to log on to the system using Windows logon screen, users will see a dialog box offering to register with Password Self-Service. After the
registration deadline, users will not be able to log on, unless they complete the
registration procedure. Prevent non-registered users
from logging on after deadline (for Windows XP clients only)
Select this option to prevent from logging on to the system the users who have not registered with Password Self-Service after the registration deadline specified in the
Once forced to register, user must register within <%> days option or
have invalid Questions and Answers profiles.
To specify an explicit list of groups to receive registration notifications
1. On the home page of the Administration site, click the Managed
Domains box.
2. On the Configure Managed Domains page, click the domain you want
to manage.
2. On the Groups tab, click Groups Allowed to Receive Registration
Notifications.
2. Click Add.
2. In the object selection window, select the groups whose members you
want to receive registration notifications and click OK.
Only members of the groups in this list will be prompted to register.
To exclude a group from registration notification recipients
1. On the home page of the Administration site, click the Managed
Domains box.
2. On the Configure Managed Domains page, click the domain you want
to manage.
3. On the Groups tab, click Groups Denied Receiving Registration
Notifications.
4. Click Add.
5. In the object selection window, select the groups whose members you
want to never receive registration notifications and click OK.
Members of the groups in this list will never be prompted to register with Password Self-Service. If you add a group in both the Groups Allowed to
Receive Registration Notifications and Groups Denied Receiving Registration Notifications lists, the members of this group will never be
Note: To specify criteria that define whether users must update their
Questions and Answers profiles, you can configure profile update policies. For more information, see the Configuring Profile Update Policy.
You can configure which groups will receive password expiration notifications and which will not.
To specify an explicit list of groups to receive password expiration notifications
1. On the home page of the Administration site, click the Managed
Domains box.
2. On the Configure Managed Domains page, click the domain you want
to manage.
3. On the Groups tab, click Groups Allowed to Receive Password
Expiration Notifications.
4. Click Add.
5. In the object selection window, select the groups whose members you
want to receive password expiration notifications and click OK.
Only members of the groups in this list will receive password expiration notifications.
To exclude a group from password expiration notification recipients
1. On the home page of the Administration site, click the Managed
Domains box.
2. On the Configure Managed Domains page, click the domain you want
to manage.
3. On the Groups tab, click Groups Denied Receiving Password
Expiration Notification.
4. Click Add.
5. In the object selection window, select the groups whose members you
want to never receive password expiration registration notifications and click OK.
Members of the groups in this list will never receive password expiration notifications.
If you add a group in both the Groups Allowed to Receive Password
Expiration Notifications and the Groups Denied Receiving Password Expiration Notification groups, the members of this group will never