Common Issues
Use KeePass with Pleasant Password Server
Also see FAQ for basic questions and Troubleshooting for tools to help diagnose problems.
Have Questions? Contact Us!
Getting more detailed log information
Startup - Service/Site
IISExpress Service did not start
IIS Hosting Troubleshooting
Server Certificate Issues
Website didn't load
Install / Upgrade
Upgrade Problems
Antivirus Exceptions
Login / Connectivity
Cannot Login / Unable to Authenticate
LDAP/AD Bind Errors
Trust Warnings - Connecting to a new server (KeePass client)
2FA Authenticator error - Invalid Two-Factor Token error
2FA "Two-Factor Required" error
LDAP Connection issue on Windows 2019 Domain Controllers
Certificates
Certificate Setup: 3rd Party, Let's Encrypt, Self-Signed
Server Certificate Issues
KeePass Certificate - Trust Warnings - Connecting to a new server...
Access
Can Only Grant Read-Only Permissions (v7.6.6+)
Cannot Grant Access
Restore Access Inheritance
Refresh Access Permissions
Auto-Fill
Problems with Auto-Fill functionality
AD/LDAP
Cannot Login / Unable to Authenticate
LDAP/AD Bind Errors
Import Users or Groups are missing
Active Directory/LDAP Migration Error (v7.4+)
Unable to Import
Reset Users
Problems Resetting User Password (Reset)
Test emails do not get sent
Notification emails do not get sent
KeePass
Trust Warnings - Connecting to a new server...
KeePass The composite key is invalid
KeePass Export Operation is Not Allowed by the Application Policy
KeePass for Password Server errors
PassManClient Connection Error
Timeouts do not auto-close Credentials
Browser
Nothing happens with Internet Explorer when clicking delete (or any other button)
After Update, home screen shows "loading" and stays there
Features
Missing tabs or features
Hiding tabs in PPASS Menu
Entry does not appear in search
Using IIS instead of IIS Express
Performance
Slowness: After Update, AD/LDAP User Login/Refresh
Configurations which Improve Application Performance
SSO
SSO Authentication Errors
RDP SSO Client crashes on launch (v7.5.2+)
Unable to complete SAML single sign on Request
Miscellaneous
ASP.NET AppDomain is shutting down
Removing Audit Records
Problem installing Pleasant Password Server (Windows 8.1 or Server 2012 R2)
Keyboard not working in Windows Password Reset Client (Windows 8+)
Questions About Session Timeout
Approval Notification has a Grammar Error
Configuring Test Emails - SMTP - Account is not valid
Minor issue with PPASS server v5 API StatusCodeError: 500 (v7.9.28)
NLog not properly archiving files with dates
Getting more detailed log information
Follow these instructions to get more detailed logging information or to view the log files.
Service did not start up
Please Note:
- When Upgrading: There may be a delay in the service startup while the database is converted to the new version.
- See more details in Upgrading (sections: "Monitor Install" or "Problems?")
Sometimes the machine may have a lock on a file, and require a reboot. This is especially so in combination with Windows Updates, that where a restart / reboot is required.
Hosting with IIS (extra setup):
- If you are hosting the site with IIS, make sure to stop and disable the IISExpress service. This can also be stopped with an End Task, using the Windows Task Manager. Also see IIS Troubleshooting.
Hosting with IISExpress service (default):
- Please make sure that the IISExpress.exe process is first shutdown (in task manager), before re-starting the service. This task will be automatically started along with the server startup.
Additional Checks:
-
1) View the file error logging details, which may often show the cause the problem.
- Open these files and scroll to the bottom, looking for any errors: Weblogs.txt and PleasantPasswordServerLog.txt
- You can forward these to Support via email.
-
2) There may be an error related to Certificates or SSL, which are better resolved in recent versions of Password Server and with Hosting with IIS:
- There may be a problem with the Certificate port association. This may be resolved by simply re-importing the Certificate using the Service Config utility. However, to be thorough, you can follow these steps below.
-
Delete the current certificate association on the custom port 10001, run the following command in a command prompt (run as admin):
netsh http delete sslcert ipport=0.0.0.0:10001
- Then re-import your Certificate with the Service Config utility (found in Windows Start menu > Programs > Pleasant Password Server > Service Configuration).
-
Double-check that there aren't multiple certificates in the Certificate Store (Local Machine, Personal) with the same name.
-
To confirm this port has been associated properly:
netsh http show sslcert ipport=0.0.0.0:10001
-
3) Please also see the PowerShell / taskkill commands mentioned here:
-
4) Rarely this could be an issue with IISExpress, a component that is started along with the Pleasant Server.
-
Option A) To resolve simply try to repair the IISExpress install.
-
Option B) As a last resort, if option A above still does not help:
- Uninstall both Pleasant Password Server (which will leave your database intact with your admin settings) and
- Uninstall IISExpress
- Rename the Password Server program folder
- Then re-install Pleasant Password Server. This will also install a new version of IISExpress.
-
If you continue to have trouble, please email Support with your Detailed Logs and a description of your situation.
Antivirus Exceptions
Virus Scans
The software has been reviewed & scanned & audited & tested, etc., is continually scanned by antivirus on multiple machines, and is clear from malware.
Whitelist Exceptions
Our recommendation is to whitelist the following folders to prevent interference from antivirus software. This may happen rarely, with some antivirus software, more than others:
- %ProgramData%\Pleasant Solutions
- %ProgramFiles(x86)%\Pleasant Solutions
- %AppData%\PleasantKeePass
File Integrity Monitoring
Password Server can scan files for modifications with a fairly robust File Integrity Monitoring module (included with the SSO edition of Password Server), which will report if application files have been modified since release.
Digital Signatures and Checksum Hashes
Online Virus Scans
There are helpful sites that allow users to validate software files.
- However, please remember that no antivirus solution is perfect, and may give a rare false positive, etc.
- Please download the application directly from the Pleasant Solutions download location(s).
Contact Directly
We would encourage you to contact us / the antivirus vendor directly if you notice anything unusual.
Website didn't load
Problems? If the web site won't load,
- Check that the installation/upgrade is complete and hasn't reported errors in the logs
- Make sure Password Server isn't sharing a port with anything else:
- Stop the Password Server service.
- Click Start, type cmd, right-click Command Prompt, then click Run as administrator.
- From the prompt, run netstat -b -p TCP -q. If you see anything ending in :10001 in the Local Address column, either switch the software using 10001 to another port or switch Password Server itself.
If you continue to have difficulty, please Contact Us!
Troubleshoot Server Certificate Issues
Here are a list of helpful server certificate checks, starting with the most common/easiest.
1) Server Configuration:
Password Server has a Service Configuration utility which helps manage the certificate, port, and database connection. The service config will need to be updated with your new certificate (found in Windows Start menu > Programs > Pleasant Password Server > Service Configuration).
Then restart the service or IIS and try to login using an incognito browser (with a fresh cache).
2) Certificate Caching: Some browsers, clients, or intermediate network devices might cache SSL/TLS certificates for a period of time. For us, clearing the browser cache may resolve the issue.
3) Certificate Binding:
If the issue persists, rarely there may be a problem with the certificate binding / port association.
- if you are hosting with IIS, verify in IIS that the new certificate is correctly bound to the website's port 443 or 10001. Remember to restart your IIS server after making any changes.
- if you are using the default service (which uses IISExpress), in this case, delete the current certificate association on the custom port 10001, by running the following command in a command prompt (as administrator):
netsh http delete sslcert ipport=0.0.0.0:10001
Then re-import your Certificate with the Service Config utility.
To confirm this port has been associated properly:
netsh http show sslcert ipport=0.0.0.0:10001
4) Client Certificate Trust: If the CA isn't trusted, clients will not be able to establish a secure connection.
If the certificate has been purchased, then the new certificate will be signed by a Certificate Authority that is trusted by browsers and devices.
Otherwise if it is a generated certificate from a self-signed or internal Certificate Authority then the public certificate, that does not contain the private key, will need to be distributed to the Certificate Store on the client machines (in the Trusted Roots folder).
5) Certificate Chain Issues: If the new certificate is part of a chain of trust that includes intermediate certificates, all certificates in the chain need to be correctly installed on the server, and/or trusted by the other network machines. If any are missing, clients might not trust the new certificate.
You can see the certificate chain in the certificate properties tab.
6) Multiple Certificates: Double-check that there aren't multiple certificates in the Certificate Store (Local Machine, Personal) with the same name.
7) Check for Connectivity Issues: If there's a URL in the certificate cannot be reached for validation (e.g. CRL/OSCP) it may be blocked by firewalls/filters.
- Recent Network Changes: similarly if the server has been migrated recently or network connections have changed, it could cause issues.
8) Firewall Settings: Ensure that the path is open and check all your firewalls along the way.
9) Port 443: Make sure that port 443 is listening on your server. This is the default port for HTTPS connections, and if it's not properly configured, it could prevent external connections.
10) Check Security Policy: There might be a problem with the security policy.
If you continue to have difficulty, please Contact Us.
Can Only Grant Read-Only Permissions
(versions 7.6.6+)
Relevant only if upgrading from a version previous to 7.6.6.
If your Administrators or users:
- Cannot change the User Access except to Read-only, or
-
Cannot add entries in the mobile client
This change has been caused by a security improvement in version 7.6.6. To resolve:
- Please edit your Access Levels: Full, Full + Grant, Full + Grant + Block
-
Set “Grant” for "View User Access" to True
Alternative method: If your organization has never added new Access levels or changed the existing Access levels:
-
Click Reset Access Levels, which will also achieve the same results.
Previously this setting was not required for granting/removing permissions, but has been changed for this version (as per Release Notes for 7.6.6).
This will allow as for your expectations.
If you have additional questions or concerns, please Contact Us!
Can Not Grant Access
We use the User Access window to provide the security access to users. This has changed in version 7.9.
Requirement
- To open User Access, will need to have been given an Access Level with the View User Access permission.
Basic Steps
- Open the User Access window,
- Choose "Users" or "Roles" from the "Add Access for" dropdown,
- Then in the next field, type or select the User/Role you wish to give access to.
Wiki Guide - Please review the instructions for granting access, examples here:
Problems?
- Is scripting disabled in your web browser?
- Are you using the IE browser with either Compatibility View (displayed in Address Bar) or Enable Protected Mode (in Tools > Security tab).
If you continue to have difficulty, please Contact Us and provide:
- Version #
- Screenshots of your User Access screen and Access Level screen.
Restore Access Inheritance
(versions 6.4.13+)
If you block access inheritance on entry/folder X without first ensuring you have the Set Block Inheritance permission set directly on X (rather than inherited from an ancestor), you'll only be able to remove the block by editing your database as follows:
- Open your database
- For SQLite
- Stop the "Pleasant Password Server" service
- Open your database in SQLiteManager (as administrator)
- Open SQLiteManager with a right-click, "Run as administrator". This avoids the "Database is read only" error.
- For SQLite
- Open the SQL tab and run the following command (assumes that the blocked entry/folder is uniquely named; if not, the WHERE clause will need to use rowid or Id rather than Name):
UPDATE "CredentialObject"
SET "PermissionInheritanceBlocked" = 0
WHERE "Name" = '[THE_NAME_OF_THE_BLOCKED_ENTRY_OR_FOLDER]'; - Refresh the folder tree visibility:
DELETE from "CredentialObjectVisibilityAccessRow";
DELETE from "CredentialObjectVisibility";
- For SQLite
-
Re-add the User Access directly to the specific folder (or entry) you just restored.
NOTE: If you notice the Block Access Inheritance button has disappeared you can restore it by: - Right-click the folder (where the block inheritance button is missing) > Click Move > Select the folder it is currently in
Refresh Access Permissions
(versions 7.9.13+)
When Restoring inheritance we refresh the Access data with the steps below.
This may be also helpful is some other rare instances, when: for example, the actual access does not seem to align with the User Access, or folders remain hidden.
- Stop the "Pleasant Password Server" service
- Open your database in SQLiteManager (as administrator)
- Open SQLiteManager with a right-click, "Run as administrator". This avoids the "Database is read only" error.
- Refresh the folder tree visibility:
DELETE from "CredentialObjectVisibilityAccessRow";
DELETE from "CredentialObjectVisibility";
-
Start the Password Server service
Problems with Auto-Fill functionality
Significant improvements to Auto-Fill functionality Are underway as items of top importance, including amongst other items:
- website detection
- filling credentials
- search
If you detect particular functionality or sites that are not working well, please submit these to our support team in an email. Contact us!
Thank you!
2FA Authenticator App gets Invalid Two-Factor Token error
Error: "Invalid Token"
The Authenticator protocol is time-based. If your Server, Device, or App is out of sync by even by 30 seconds, this will cause problems:
- Check the server time
- Check the device time
This should be the only problem for users using Authenticator apps.
- See Step 5, of the Authenticator configuration steps.
- For more info: Google Authenticator help (Android)
Still a problem?
1. Watch the clocks simultaneously count up the minutes and seconds. Set the time.
2. Workarounds -- if your users are still having difficulties with their secret, you can take these actions:
- A) Reset their Google Authenticator secret:
-
This will allow users to enroll again and synchronize to a new secret:
- Reset 1 user's secret
- Reset all users simultaneously
-
B) Temporarily, the policy can be changed so that 2FA is not required for the user(s).
- C) Sync the time in the Authenticator App itself.
Additional Notes:
- Backup your Google Authenticator secret by saving the QR code / number code
- Mobile devices can store multiple Google Authenticator secrets.
Two-Factor Required error
If you enable the option to Require Two Factor Authentication without first configuring a provider, users will be able to log in until this requirement is removed.
Two-Factor Required Two-factor verification is required but has not been configured. Please contact your website administrator.
In this case the administrator should contact us for information to resolve this configuration problem.
Nothing happens with Internet Explorer when clicking delete (or any other button)
The most likely cause of this is an old version of Internet Explorer or Compatibility View being enabled. More information about Compatibility View can be found here:
https://windows.microsoft.com/en-CA/internet-explorer/use-compatibility-view
If disabling Compatibility View doesn't solve your problem and you're running a recent version of Internet Explorer (IE9+), feel free to contact us for support.
NOTE: Internet Explorer may sometimes automatically enable Compatibility View for Intranet.
LDAP Bind Errors
For problems with Bind Errors / Authenticating a Directory user, start here: Unable to Bind to LDAP/AD
LDAP Connection issue on Windows 2019 Domain Controllers
Windows 2019 has provided a couple of patches for a connection bug with their Windows 2019 Domain Controllers. This is not isolated to Password Server, but includes other Microsoft users in general.
This fix is available here:
For further information, and to keep updated with the progress of this issue:
Active Directroy/LDAP Migration Error
(versions 7.4+)
For problems with a Migration error message at Login screen see: Active Directory/LDAP Migration Error
Error System.Exception: ASP.NET AppDomain is shutting down... Reason:
Change Notification for critical directories.
bin dir change or directory rename
HostingEnvironment initiated shutdown
This is due to a Portable Class Library that requires a .Net patch. Simply install the relevant Windows Update to fix this problem. Details in the following link: https://www.paraesthesia.com/archive/2013/01/21/using-portable-class-libraries-update-net-framework.aspx
Removing Audit Records
For now audit records can be removed as needed.
These can also be filtered out by Username or UserID
- Contact us for any help needed with this technical process and we will respond ASAP
Pleasant Password Server won't install on Windows 8.1 or Server 2012 R2
It is possible that ASP.NET 4.5 is installed but not enabled. To enable it:
- Find Windows PowerShell on your system (in Server 2012 R2, it may already be in your taskbar).
- Right-click on the PowerShell icon and select "Run as Administrator".
- In the PowerShell window, type
& ${env:windir}\syswow64\cmd.exe
- Now type:
%windir%\sysnative\dism.exe /Online /Enable-Feature /FeatureName:NetFx4Extended-ASPNET45
- Close the PowerShell window and run the Pleasant Password Server installer. It should now install successfully.
Unable to Import
Pleasant.Identity.Mvc.Controllers.IdentityControllerBase Pleasant.Identity.IdentityOperationException: Unable to import 1 users. 0 slots remaining.
The above error message is letting you know that you don't have anymore Users on your License. You must delete a user or upgrade your license (e.g. from 10 to 20) in order to be able to import more users.
Missing tabs or features
Make sure the user is a member of a role that has permission to access those features. Users may need to sign out and sign back in for permission changes to take effect.
Hiding tabs in PPASS Menu
Hiding tabs is possible, however is not available in trial mode. Once the license is activated these can be hidden.
SSO Server tab
- Hide the SSO Server menu tab
- Available for Enterprise and higher license keys.
Contracts tab
- Settings > Appearance > Show contracts tab > Choose "Selected users"
- Available for Enterprise+ and higher license keys.
- Available for Enterprise+ and higher license keys.
Entry does not appear in search
SQLite only understands upper/lower case for ASCII characters by default. The LIKE operator is case sensitive by default for unicode characters that are beyond the ASCII range.
Use IIS instead of IIS Express
Using IIS is possible and is recommended, especially for customers with more advanced environments:
Using IIS as a Reverse Proxy: some customers may wish to know that it is also possible to setup a new IIS site and redirect the incoming TCP requests to the Password Server's IIS Express. This effectively makes IIS a reverse proxy.
Other info: Redirect HTTP Requests to HTTPS
Keyboard not working in Windows Password Reset Client (Windows 8+)
Press CTRL once to fix the keyboard.
Details: Windows 8/8.1/10 will sometimes mistakenly behave as though CTRL is being held down on the login screen. Because the browser opened by the Reset Client ignores any keys pressed while CTRL is held down, this can make it seem like the keyboard has stopped working. Pressing CTRL forces Windows to acknowledge that CTRL is not being held down.
KeePass for Password Server errors
Trust Warnings
"Connecting to a new server for the first time..."
(see the Trust Warning wiki page)
KeePass Export operation is not allowed by the application policy
View sections here to re-enable / restrict exporting passwords:
PassMan Client Connection Error
Version 6.0.1 - 7.1.19:
PassManClient connection error: Could not load type 'System.Collections.Generic.IReadOnlyDictionary`2' from assembly 'mscorlib, Version=4.0.0.0, Culture=neutral, PublicKey Token=b77a5c561934e089'
Verify that you have .NET Framework ≥ 4.5 installed by following these instructions.
KeePass Timeouts do not auto-close Credentials
This is designed this way by KeePass after some consideration, and there is a KeePass explanation for choosing this design (included below).
- KeePass client: an open dialog disables vault time-out until user closes it.
-
Web client: an open dialog does effect the time-out with a save change message, and does not allow the user to save changes or open other entries, etc.
Users can be reminded to close Vault credentials after use.
The KeePass offical FAQ explains this best:
KeePass automatically tries to lock its workspace when Windows is locked, with one exception: when a KeePass sub-dialog (like the 'Edit Entry' window) is currently opened, the workspace is not locked.
To understand why this behavior makes sense, it is first important to know what happens when the workspace is locked. When locking, KeePass completely closes the database and only remembers several view parameters, like the last selected group, the top visible entry, selected entries, etc. From a security point of view, this achieves best security possible: breaking a locked workspace is equal to breaking the database itself.
Now back to the original question. Let's assume an edit dialog is open and the workstation locks. What should KeePass do now? Obviously, it's too late to ask the user what to do (the workstation is locked already and no window can't be displayed), consequently KeePass must make an automatic decision. There are several possibilities:
- Do not save the database and lock.
In this case, all unsaved data of the database would be lost. This not only applies to the data entered in the current dialog, but to all other entries that have been modified previously.- Save the database and lock.
In this case, possibly unwanted changes are saved. Often you open files, try something, having in mind that you can just close the file without saving the changes. KeePass has an option 'Automatically save database when KeePass closes or the workspace is locked'. If this option is enabled and no sub-dialog is open, it's clear what to do: try to save the database and if successful: lock the workspace. But what to do with the unsaved changes in the sub-dialog? Should it be saved automatically, taking away the possibility of pressing the 'Cancel' button?- Save to a temporary location and lock.
While this sounds the best alternative at first glance, there are several problems with it, too. First of all, saving to a temporary location could fail (for example there could be too few disk space or some other program like virus scanner could have blocked it). Secondly, saving to a temporary location isn't uncritical from a security point of view. When having to choose such a location, mostly the user's temporary directory on the hard disk is chosen (because it likely has enough free space, required rights for access, etc.). Therefore, KeePass databases could be leaked and accumulated there. It's not clear what should happen if the computer is shutdown or crashes while being locked. When the database is opened the next time, should it use the database stored in the temporary directory instead? What should happen if the 'real' database has been modified in the meanwhile (quite a realistic situation if you're carrying your database on an USB stick)?Obviously, none of these alternatives is satisfactory. Therefore, KeePass implements the following simple and easy to understand behavior:
When Windows is locked and a KeePass sub-dialog is opened, the KeePass workspace is not locked.
This simple concept avoids all the problems above. The user is responsible for the state of the program.
Security consequence: the database is left open when Windows locks. Normally, you are the only one who can log back in to Windows. When someone else logs in (like administrator), he can't use your programs anyway. By default, KeePass keeps in-memory passwords encrypted, therefore it does not matter if Windows caches the process to disk at some time. So, your passwords are pretty safe anyway.
https://keepass.info/help/base/faq_tech.html#noautolock
KeePass Export Errors
The composite key is invalid! Make sure the composite key is correct and try again
The export password you want to use is:
export_password
For further information about exporting passwords please see our wiki:
https://pleasantpasswords.com/info/pleasant-password-server/c-backup-export-and-import-your-passwords/2-exporting-passwords-from-keepass-for-pleasant-password-server
RDP SSO Client crashes on launch (v7.5.2 - 7.5.7)
The RDP SSO Client relies on the existence of a default settings file for RDP that will not exist if the user currently logged into the machine has never used Remote Desktop Connection on that machine before. Start up Remote Desktop Connection and connect to another machine to make sure that defaults are established, then try the Launch RDP SSO link again.
SSO Authentication Errors
The most common causes for Access Denied errors when authenticating with Password Server (PPASS) are:
- incorrect username or password
- incorrect unique identifier
- user does not have SSO permission on that credential
Common causes of wrong username or password when authenticating with the target server are:
- wrong username or password stored in the PPASS credential
Please check all your settings. If the problem persists, please provide us with screenshots of your settings when contacting us for support and what you are doing in the browser or terminal (confidential info blurred).
After Update, Active Directory/LDAP User Log In/Refresh is Slow (v7+)
Some users have reported that after upgrading from version 6 to 7 their user login times have drastically increased, even when no changes have been made to the AD/LDAP directory settings.
The slowdown is caused by a change in the way Password Server tracks imported users and groups (more details).
Specify an OU
Specifying an OU for Pleasant Password Server users should speed up logins significantly. Only quering the targeted OU is allows the permissions check to occur much faster, speeding up the end-user experience.
- User Directory: server.xxx.yyy/accounts/ppass
- Group Directory: server/directory/folder/groups/
Users and Roles > Manage Directory > Edit Directory > Import
- Base Distinguished Name: DC=server, DC=xxx, DC=yyy
- User Relative DN: OU=ppass, OU=accounts
- Group Relative DN: OU=groups, OU=folder, OU=directory
Configurations which Improve Application Performance
See this page for factors affecting the speed of Password Server or clients.
After Update, Home screen shows "loading" and stays there
(version 7.5.15 - 7.6.2)
Some users have reported that after upgrading, the Home screen does not finish loading / stays empty.
- Clear the browser cache, or refresh the page: CTRL+F5 (PC's) CMD+R (Apple) F5 (Linux)
If this does not resolve the problem:
- Try a different browser,
- Check that JavaScript is enabled,
- Rule out other browser extensions that could be interfering,
- Reset the browser settings.
Questions about Session Timeout
To adjust for users to be automatically logged out the user after a specific amount of time.
Web Client - Automatic log out
-
Navigate to the menu Users and Roles > Manage Policies > Actions > Edit > Login Timeout
Set the timeout to the appropriate amount.-
Note: For Web clients in versions 7.6 and older, you will need to sign out for this policy to take effect.
-
KeePass / Mobile/ API / etc. - Automatic log out
-
Navigate to the menu Users and Roles > Manage Policies > Actions > Edit > Application Authentication Timeout
Set the timeout to the appropriate amount.
KeePass (option) - Automatic workspace lock/etc.
- An inactivity timeout also exists in the KeePass Client
- Tools menu > Options... > Security tab > "Lock workspace after..." checkboxes (one for KP inactivity, one for global inactivity)
For more information see these sections in the User Policy:
Approval Notification has a Grammar Error
Approval notifications may have a grammar error when granting permanent access, which could confuse some users:
"... has granted you Full access that will expire on with comment:"
Suggested wording could instead be change to display like this:
Approved Request
Your request for Full access to \Root\Departments\Folder has been approved by Approver.
Approver has granted you Full access.
- Expiry Date:
- Comment: Approval granted...
You can access the requested object with the link below:
https://YourServername:10001
Change the notification text here:
- Advanced > Email Templates > Click the "Approved Request" template link
- Click the </> button (to View HTML)
- Copy and paste the following:
<h3>Approved Request</h3>
<p>Your request for {{ RequestedAccessLevelName }} access to {{ RequestedObjectPath }} <strong>has been approved</strong> by {{ ApprovingUserName }}.</p>
<p>{{ ApprovingUserName }} has granted you {{ ApprovedAccessLevelName }} access.</p>
<ul>
<li><strong>Expiry Date:</strong> {{ ExpireDate }} </li>
<li><strong>Comment:</strong> {{ ApproverComment }}</li>
</ul> <p>You can access the requested object with the link below:</p>
<p><a href="{{ RequestedObjectUrl }}">{{ RequestedObjectUrl }}</a></p>
- Click Update
Test Emails - SMTP - Account is not valid Error
Try enabling Trace email logging to get a little more details.
Try manually re-entered the SMTP Username even if it was entered correctly. This has been known to fix the issue.
API v5 StatusCodeError: 500
This error is particular to the version 7.9.28, when using API v5 to integrate with other software. A fix of this issue has been added in 7.10.4.
To resolve in this version, include a "X-Pleasant-Client-Identifier" header that is a valid GUID with one of the following formats:
- 32 digits: 00000000000000000000000000000000
- 32 digits separated by hyphens: 00000000-0000-0000-0000-000000000000
- 32 digits separated by hyphens, enclosed in braces: {00000000-0000-0000-0000-000000000000}
- 32 digits separated by hyphens, enclosed in parentheses: (00000000-0000-0000-0000-000000000000)
Where the digits are 0-9, A-F.
NLog not properly archiving files with dates
Password Server uses a logging tool called NLog. Currently there is a bug with the nlogger which does not properly archive files with dates in the filename.
Use the following steps to fix. Please not that these changes will be over-written when you upgrade to a new version. So you will have to remember to re-apply these steps (until the problem is fixed).
1) Stop the Pleasant Password Service:
https://pleasantpasswords.com/info/pleasant-password-server/b-server-configuration#StopStartRestartPasswordServer
2) Open the file NLog.config with administrative access (by default, found here):
C:\Program Files (x86)\Pleasant Solutions\Pleasant Password Server
3) Find references to archiveFileName
4) Remove the reference to shortdate ("_${shortdate}") in the archiveFileName. The lines should look like this:
archiveFileName="${PleasantApplicationData}/PleasantPasswordServerLog.{#}.txt"
archiveFileName="${PleasantApplicationData}/PasswordProxyLog.{#}.txt"
5) Save the file, and restart the Pleasant Password Service.
6) Delete or move the old logs.
From now on, the logs:
- will be saved with the new filename,
- will store 10 files by default, and
- will delete anything older.