Enrollment Enforcement

Author: [email protected] 239 views

This feature is installed together with the Password Manager Windows Client shares both common configuration and code with the Password Manager Windows Client.

The feature runs in the user session and is primarily visible by an icon in the Notification section (typically in the lower right corner). This icon represents the Enrollment Enforcement Client which is automatically started when a user logs on to the PC. The client’s responsibility is to  check the enrollment status in Password Manager and to execute configured actions when required.

The client prompts the MyPass server for the Enrollment status and then stores that information in the user registry. Behaviour and prompt intervals etc. can be adjusted as described below.

When the user clicks the Enroll button, MyPass opens the first present Enrollment authentication profile that fits the user (Group membership, network and possible authentication has to match), or the Identify Operations page with the possible enrollment options for the end-user. By default this should be monitored so that the Enrollment profile using Windows password is prioritized, when used.

EEC config file: \FastPassCorp\Configuration\PMEnrollmentEnforcementClient\PMEnrollmentEnforcementClient.config

The following attribute can be added to control what the user experiences when clicking the “Enroll” button on the EEC popup page. There are 2 variants:

  1. InitiateTrackWithEnrollUser – default, bring the user to the first authentication profile the user fulfils.
  2. InitiateTrackWithIdentifyOperationForEnrollment – brings the user to the where the user can choose between options for enrolling, the username will be prefilled


<?xml version="1.0" encoding="utf-8" ?>