ADManager Plus users
Newbie here. Just had this project, to implement ADMP in our environment and create processes around user administration mostly. I find that the ADMP documentation is very heavy on the sales side of things (how ADMP can cut your repetetive admin tasks) but extremely light on the how to side of things. I'm currently trying to figure out the users inside ADMP itself and why, when I modified some users, they got moved into the Direct Users group in ADMP. Every time I search for users or ADMP users
ADManager Plus security advisory regarding unauthenticated product integration vulnerability (CVE-2020-24786)
Hi, We wanted to let you know that a security vulnerability, CVE-2020-24786, was detected in our product and we have fixed it. Read on to know how you can identify if your ADManager Plus installation is affected, and fix it. This article also lists the steps to protect your installation in case it is not affected. What is the issue? ADManager Plus had a vulnerable endpoint which allowed a user to integrate his/her installation with any other ManageEngine product installation, bypassing authentication.
How to manage your Active Directory, on-the-move with the ADManager Plus mobile app?
ADManager Plus' mobile application offers Active Directory admins complete control over their user accounts and AD tickets irrespective of whether they are at work, home or anywhere in between. Some key management actions you can perform from the app include, AD user management - Create Users, reset passwords, unlock, enable/disable, and delete user accounts. AD users' group membership management - Manage group memberships of users and set primary group for AD users. AD computer management - Reset computer
Block Basic Authentication on User Creation
Hello, Is it possible to have basic authentication to Office 365 blocked immediately after a new account is created? I didn't see anything regarding this under the Management options in the Office 365 tab. We could accomplish this by running a custom script at each creation, but that seems like an inefficient way to do it.
How to view and manage the Terminal Services properties of Active Directory users?
ADManager Plus can help simplify the reporting on terminal services properties of AD Users with the Users' Terminal Service Properties report. It lists the properties of all users or users from specific OUs in a click. Right from the reports page, you can also: - Modify the terminal services properties of users. - Perform user management actions such as password reset, modifying logon hours, enabling/disabling user accounts, and more. - Export the Terminal Services Properties report to CSVDE, HTML,
How to view and export a list of Active Directory users with Dial-in access permission?
ADManager Plus' Dial-In access permission reports contain a list of Active Directory users who have Dial-in access. With a lot of organizations resorting to working remotely, the Dial-in Access reports with options to change the permission from within the report itself, would be useful for both monitoring and managing Dial-In access permissions of users. Steps to generate the Dial-In Allow Access report: Click the Reports tab. Go to User Reports. Go to General Reports, and click the Dial-in Allow
how can i get a user report to show only todays activities
i've made a user report with all the data i need, so far so good but how can i tell the report to show only the data from the current day?
how to change the theme in the latest version of ad manager plus
i can't find where to change in the new version
User modification, add user to security group
Hi, I want to achive a simple, but extemely effective task. Using "User Modification"; i would like to have a drop down (or radio button) selector. Each selected option should make user a member of a specific security group. Same logic for removal. I want to create a simple way for our Help Desk to remove and add permissions (based on security groups), but I cannot seem to find any way to do this. I managed to do this is in a very cumbersome way when creating a new user though. Please advice if
Admanager Office365 interval
Hi Team, Currently our admanager fetching information every 24 hours from office365 and its super hard to check recent modifications. how can i reduce that interval from something else. Thanks, Ronak
On Prem AD and O365
What is the best tool managing users for O365 and an on premise AD environment?
Extract "Member Of" values for an AD Objects
Looking for solutions on how to extract "member of" information for users in both an organizational unit and/or a csv file with samaccountnames.
Automation Create User
After creating a user with automation, whenever the routine is executed the system tries to create that user again. Is this behavior correct? Even presenting an error, and not creating the user a user notification email created and sent normally.
Checkbox problem "Enable tight integration with ServiceDesk Plus."
Hi sir, I've a issue with Enable tight integration with ServiceDesk Plus.. The checkbox doesn't seem to stay enabled. Is this a limit of our trial? Thank u
ad manager plus selective mfa
is it possible to enable mfa only for specific technicians?
when a technician performs undelete users, he can see eveyrthing
i have a technician limited to specific ou in all actions, everything if fine, he's limited. but when he does undelete user, he can see all the undeleted in the organization. how can i prevent that?
Local Accounts on a Domain Controller
Hello and thanks for reading this My basic understanding of the process of promoting a server to a domain controller includes "hiding" or removing the local SAM database. Some articles say it gets deleted and accounts move into the Domain SAM, some articles say the local SAM database is still there and accessible if the server is put into Directory Services Restore Mode (DSRM). Here's my question, and I'd like to ask it in the context of a bad actor gaining access to a domain controller which is
Setting Account Expiration
Has anyone had an issue not being able to set an account to expire past one day? Within ADManage if I set an account to expire anything further out past one day it looks like it takes it, but when I check it in Active Directory is shows to expire within the same day. Example: Today's date: 04.07.2020 ADManage set account 'testuser01' to expire 05.01.2020 Active Directory shows account 'testuser01' to expire 04.07.2020
prevent technician from seeing upn
hi. is there a way to prevent a technician from opening the drop menu that shows additional upns? see attached, circled in black to demonstrate
Creating new O365 user with Exchange Online mailbox
Good day, We have ADManager Plus (Build 6540) configured for O365 integration and am working on a new user creation template. Most of the settings I'm good with but am a little confused as to what selections need to be made on the Exchange tab to create the new mailbox. We are in the middle of our Exchange Online migration and have about 1/5 of our mailboxes migrated already - the remainder will be done this weekend. With that in mind, I wanted to start creating new users with their mailbox already
New Release: ADManager Plus 7053 (March 2020)
Hi, We are excited to announce that we have rolled out the latest build of ADManager Plus, 7053, with a vulnerability fix. You can download it right away. Fix This release includes fixes which make ADManager Plus immune to unauthenticated remote code execution vulnerability. Do let us know in case you need any assistance or information. Cheers, Team ADManager Plus Toll-Free: +1 888-720-9500 Email: support@admanagerplus.com
Script to Copy files
Hello, I want to use a Script to Copy some folders automatically to the created Users Homepath. Unfortunately i don't know which variable to Pass. I tried Homeshare but it doesn't seem to Work. Is there a list available which variables can be used for ad manager plus? Kindly regards
Create Additional Mailbox
So here is what I am trying to do: As part of user creation I have it creating an onsite mailbox with exchange, but I need to create another mailbox for that user for our Avaya phone system. For example: User: Rob Hawker username: rhawker I create a mailbox for rhawker, but I also need to create a mailbox for "VMRhawker" This is a separate mailbox from the rhawker one. I am trying to accomplish this by running a customer script. : Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010; $user
Group Search via API
I have a question about ADManager Plus RestAPI. Is it possible to retrive a list of groups from specific OU? Or maybe I can retrieve 'member of' attribute from Search user action? I
Custom Script not working
I have a custom script that does the following: param ($param1) Add-ADGroupMember -Identity VPNUsers -Members $param1 in the custom script field I have: C:\ManageEngine\Scripts\add2group.ps1 %username% The response to the user creation action states: Custom script result : Success and the log states: [11:19:09:074]|[03-06-2020]|[ADMangLogger]|[INFO]|[119]: CustomScriptDetails: {IGNORE_WARNING=false, SCRIPT_COMMAND=PowerShell -file add2group.ps1 'T2atest', SCRIPT_ENABLED=true, MAX_WAIT_TIME=5}| But
Rest API Automation
Is there any Rest API that calls an automation action?
ADManager API SearchUser criteria for SuccessFactors move user account to OU
Hello dear Support! Is there a way to script the restAPI to be able to move users accounts to different OU? Br. Tilo
ADmanage - migrate mailbox to O365
Dear All! Is this a feature that would be available in ADmanage? Can we migrate mailboxes from on-prem to O365 using ADmanage? Thank you in advance. Best Regards, Erik Molnar
How to deprovision users along with their Office 365 accounts, home folders and profiles, using ADManager Plus
As opposed to the native Microsoft environment, ADManager Plus allows you to simultaneously delete all the linked home folders, profile, Office 365 accounts, Exchange mailboxes, and more, while deleting an AD user account. Steps to deprovision users and their linked Office 365 accounts, home folders, and roaming profiles using ADManager Plus: 1. Login to ADManager Plus and navigate to the Admin tab. 2. Click the Delete/Disable policy in the left pane. 3. Under the Delete Policy: a. Select the Domain
Post Termination script remove office365 license, remove from distro
I created a script that goes beyond just what admanager plus offers. This is mainly for hybrid environment. after the account is disabled and moved to disabled OU using template, Script connects to office 365 and removes the disabled user from any distribution list Then it checks for which license the disabled user had and removes the license Script changes the disabled users description field to today's date and time in your local AD It hides the disabled user from Address book on local exchange
Custom Script question
I'm running this custom script inside a template Powershell -ExecutionPolicy Unrestricted C:\ManageEngine\scripts\testname.ps1 %username% Testname.ps1 (powershell script) param($user) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noexit -command ". 'C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1'; Connect-ExchangeServer -auto " Set-User -Identity $user -RemotePowerShellEnabled $falseBut it seems to be not working. I get "Custom script result: Custom script is running
Modify User Template
Hi, We have recently moved to Exchange 2013 and use AD Manager Plus for our management team. This is working fine and he User Creation template sees and assigns the new Exchange 2013 DAG and relevant database for a new user. However when we use teh Modify User template on the Exchange tab we used to see the server and database but now it shows "choose an exchange server" and "Choose a Mailbox Store". Is there something I have missed here or is there something I need to do to get it to show the server
Re-enable, Move User, Set Expiration Date for Bulk Users
Hello, Wondering if anyone has a solution for this scenario? We automate account creation (bulk) from CSV. Rule is not to create if duplicate on Full Name. Which is good and what we want. However, a large portion of the bulk accounts exist as they are returning students. Some accounts are disabled, moved to a terminated OU , etc.. So I'm looking for a way to: 1) Target only those accounts that already exist ie: those not created and listed as error on the usercreationstatus output of bulk creation
AD Manager Plus - Auto Reply Feature
Is it possible to use variables in the auto reply to pull from AD fields? I would like to set this up for our deprovisioning automation policy. Example: Thank you for your correspondence; however, %Display Name% is no longer employed with %company%. Please direct all future correspondence to %Manager% - %Manager Email Address%.
Automation Policy delayed Tasks not working [SOLVED]
Good Morning, I've made an Automation Policy that should run two tasks (Disable User, move to different OU) immediately and 3 tasks after 1 hour: - Remove Groups, - Move to different OU - Run Script. it runs everyday at XX:XX, but when it runs, it just execute the immediate task and closes the request that creates, if I check into the request it show the delayed Tasks as "yet to run" and the right time it should have run them, but it never does (i've waited several hours). If I run them manually
New User creation via AD Manager - Account expires problem
Hi Team We have just noticed that if we want to set an expiration date on a new account the dates in the calendar are coming all wrong We are on : Version : 7.0.0 Build Number : 7050 Is that fixed on the last build - 7051?
How to unlock locked out AD user accounts automatically using ADManager Plus.
With ADManager Plus, you can configure a scheduler that automatically identifies all the locked out AD user accounts in your domain, and unlocks them. Steps to unlock locked out AD user accounts automatically using ADManager Plus 1. Login to ADManager Plus. 2. Click on the Automation tab and click on the Automation option available on the left pane. 3. Click on Create New Automation. 4. Enter a suitable Automation Name and Description for the automation. (For instance, you can name this automation
[ManageEngine ADManager Plus] Register now for our free online training series.
Hello, Thank you for the amazing support and encouragement that you extended to ADManager Plus online workshops. Based on requests from many of our customers, we are starting a new series of workshops. Register now August 6, 7, 8, 13 & 14 at 3 PM BST | 10 AM EDT Session Title Date Day
Creation Rule - Additional Email (Make another address Primary)
We started testing using creation rules to try and pair our user creation templates down form 30+ by adding a condition based on Office. However the problem we're having is the email part. We own 6 other companies that have their own unique email addresses and those need to be the reply to addresses (not our main company address which everyone gets). With the Creation rules it seems that it won't let " Automatically update e-mail addresses based on recipient policy" be unchecked unless we specify
How to modify the logon name formats of all existing Active Directory users using ADManager Plus
ADManager Plus enables you to define a custom format for different naming attributes in AD. Once you have created a custom naming format, you can apply it to multiple AD users, at once. Steps to create a custom naming format using ADManager Plus: Let's assume that the new logon name of a user whose FirstName is John and LastName is Smith, must be S.John@domainname.com For this: 1. Login to ADManager Plus and go to the Admin tab. 2. In the Custom Naming Format section, click on Add New Format.
Next Page