About the Password Change Notification Module
Bravura Pass can intercept password changes on a Windows-based trigger system using the Password Change Notification Module. The Password Change Notification Module consists of an interceptor service, intcptsvc, and the psintcpt.dll file. The service queues DLL requests and communicates with the Password Manager service (idpm ). The DLL captures native password changes.
The installer package also includes testing and maintenance utility programs.
You can install the Password Change Notification Module on a:
Active Directory domain controller (DC)
This will affect password changes by users of the Active Directory domain. In order to intercept all password changes in your domain, you must install the Password Change Notification Module on every Active Directory DC on your network.
Caution
Do not install the Password Change Notification Module on an Active Directory DC that allows blank passwords. If users change their passwords to a blank password, Active Directory will not send the change to Bravura Pass , and the event will not be logged.
Windows server
Password changes local to that server will likewise be subjected to password strength enforcement and synchronization.
The Password Change Notification Module supports filters that can limit the scope of an Active Directory DC to a specific OU mapped to a target system in Bravura Pass . For example, you may want to limit the passwords that are intercepted to accounts in three OUs on an Active Directory DC. Each OU is mapped to a separate target system set up in Bravura Pass . The target systems may belong to different target system groups with distinct password policies. You can install the Password Change Notification Module on the DC and configure it with three filters mapped to each OU.
You can also use filters to include or exclude specific account names to be sent to the Password Manager service for password strength testing and synchronization.