Connection to server failed.error 403
Hello everyone, I am evaluating in my adselfservice plus environment with MFA activated but when I log in to the machines with the agent installed, the MFA screen appears with the error: Connection to server failed.Error 403 Antivirus, firewalls disabled
MFA hardware token screen hangs
So we've had this on a few random servers out of the blue where you login via RDP, click Microsoft Authenticator and the screen just hangs until the timer runs out and kicks you out. But the timer never stops, if its at 1:54 and you click next, it hangs
Request add more method for support 2FA
1. Mobile Authenticator of ADselfservice or 3rd party 2. Multi-protocol security key such as yubikey by yubico | https://www.yubico.com/products/yubikey-hardware/ 3. FIDO2 for passwordless authnticate https://fidoalliance.org/fido2/ Thank you for build great app and great support.
Character marks appear in Password
Dear All, Currently, in the process of changing Password, I have discovered that there is a Unikey/Vietkey character mark in the Password for Users in Vietnam Region. Because here User uses Unikey / Vietkey as the main, so when changing Password, there
sms configuration %mobNo% variable usage
Hello, I have a particular question: my sms provider allows only one method of setting up sms via smtp protocol. To receive an sms the process is as follows: I must send an email to an email address provided by my provider with a message body formatted
Allow users to see when their password expires
I want users to go to the main page of our password tool, and see a "when does my password expire?" Is it possible to do?
Mobile App Authentication
Is there a way to make users authenticate when signing into the app on a new phone? Am I missing something? I've been testing with two phones. An android and an iphone. I enroll on the android and then sign into the iphone. It does not ask to authenticate
ADSelfService Plus' latest build 6201 released!
Hello everyone, This is to announce the release of ADSelfService Plus' latest build, 6201, with the following enhancements and issues fixed. Enhancements: Mac Agent support has now been extended to macOS Monterey. XLSX format is now supported for exporting
What is Password to restore database to another server ?
Hello everyone. I need to migrate a AdSelfService to another server. I make a backup with 'Auto Backup' option, but in restoredb.bat i need to enter a password, but I don't know what the password is. AdSelfService Plus Build: 6100
SMS not send
Hello everyone, I got a funny problem and i can't find a way to solve it. We have three different ways to enter mobile numbers to get the sms verfication code: - 01... - 00491... - +491... The first two types are working. in the "serverOut" logfile, those
The ADSelfService Plus mobile app now supports MFA for app login, Passwordless login and more!
Hey there! We are thrilled to announce the release of ADSelfService Plus' latest build, 6207, with some major updates to the ADSelfService Plus mobile app. Features: MFA for mobile app login: ADSelfService Plus mobile app logins can now be secured with
This site is not secure
Hi, I have just installed ADSelfService Plus in my test environment with the following settings: Installed ADSelfService Plus on Win 2019 (Domain Controller) Installed ADSelfService Plus Agent on the same Win 2019 (Domain Controller) Configured SSL and
What attribute determines if password is almost expired?
Hi All, I'm working with fine grained password policies in Active Directory, and we use this service to send out password expiration email reminders. I wanted to find out what ADSelfService Plus uses as an attribute for determining passwords that are
ADSelfService Plus 6206 Hotfix Release
Hello everyone, We are glad to announce the release of build 6206 with the following issue fixes: Issues Fixed : An issue with the functioning of the custom range filter in Audit Reports, when there were a large number of audit records, has now been fixed.
Cleaning up Patch Folder
Can the old Patches in the Patch folder be cleaned up at all in any fashion? Especially the exploded directories, if not the ppms?
Lost admin privileges after upgrade
Just updated AD Self Service and now when I login, it looks like I'm a regular user instead of an admin. Before upgrade, when I logged in, I'd get the admin functionality.
ADSelf Service plus
What do i need to do if i want my ADSelf Service plus to be accessible from the Internet for external users ? Currently the server is in my LAN for internal users. Management thinks that it is a good idea for users to be able to access this external
MFA authentication factors - default factor and mandatory factor
Hello, We would like to configure a default MFA authenticator factor (exemple : code send via email) the first time a user access the portal and after that a mandatory factor (exemple : OTP from an app or Yubikey), becasue we force a user to enroll a
ADSelfService Plus now extends MFA and Password Policy features to product technicians
Hello everyone, We are glad to announce the release of ADSelfService Plus' latest build, 6204, with the following enhancement and issue fixes. Enhancement: The MFA and Password Policy Enforcer features have now been extended to technicians who use
Auto-Enrollment Issues
I have set up AD to export our user OUs to a csv daily and trying to configure auto-enrollment to run daily using that csv. I'm getting the "invalid header" error if I try to run an import from that file location If I save that export to my computer and
Connect ADSelfService with Azure AD
Hi there, There is a way to connect directly to Azure AD without an OnPrem AD. I cannot connect ADSelf Service with Azure AD. If you have done this please share the steps. BR
Disable / Hide Applications Tab in ADSelfService Plus User View
Hi Guys, Need your help, how can i disable / hide Applications Tab in ADSelfService Plus User View?
Primary and alternative method
Hello everyone. I would like to ask if there is a way to set up a primary method to authenticate (eg. always use push notification) but when not available the user could click a link on the authentication page and select an alternative method. Thanks
ADSelfService Plus' latest build 6203 now released with an important security issue fix
Hey everyone, This is to announce the release of ADSelfService Plus' latest build, 6203, with the following issue fix. Issue fixed: A denial-of-service attack issue (CVE-2022-34829) in the ADSelfService Plus Mobile App Deployment API has now been fixed.
This site is not secure - Logon screen only
Hi, I recently installed AD Self Service and it works just fine with HTTP. So, I tried to enable HTTPS and I generate a CSR through AD360 and issued a certificate through my local CA ( ADCS ) and uploaded the certificate, seems to work just fine. whenever
ADSelfService Plus' latest build 6200 released!
Hello everyone, This is to announce the release of ADSelfService Plus' latest build, 6200, with some issue fixes. Issues fixed: The communication between the Password Sync Agent and the ADSelfService Plus server has now been secured with the inclusion
Reset Admin portal but it doesnt work
We're using the free version of ADSelfService Plus to send out password expiration reminder emails. I changed the default admin password but when I do, the new password doesn't take effect nor does the old one work. Any suggestions on a fix?
adminLogin.cc not working
Using Chrome. When trying to administrate ADSelfService Plus with AD SSO enabled, I usually go to https://<domain>:9251/adminLogin.cc However, since updating to 6200, when I go to that address, I get the screen that says "ManageEngine ADSelfService Plus
Password Sync agent needs .net framework 2.0 and 3.5 to work. Both these have a CVE.
The article (https://www.manageengine.com/products/self-service-password/help/admin-guide/Application/sync/password-sync-agent-native-password-reset.html) says Domain controller should have Microsoft .NET Framework 2.0 or 3.5 for password sync agent
ADSelfService Plus Fixes and Enhancements [2022]
Release Notes for build 6207 (Aug 29, 2022) Features: MFA for mobile app login: ADSelfService Plus mobile app logins can now be secured with an additional layer of authentication using MFA. Passwordless login: Provide easy and secure access to log in
MFA for Endopoint not working on unlock
I have MFA for endpoint setup on our servers and when logging in it functions without issue. But when a server is locked and then unlocked it does not prompt for MFA and lets the user right in. Is this expected behavior? If not what needs to be changed
OWA integration installation problem
1. I installed version 6.1 Build 6123 on Exchange 2019 CU12 on Server 2019 2. I downloaded the android app and was able to enroll the user 3. I verified I could log in to OWA. I got the forms login page, and entered a username/password. This worked 4.
Can enrollment be moderated
Hello: We are currently testing ADSelfService Plus for our company and like it quite a bit. We are wondering however if there is a way to moderate the enrollment process? We would like all enrollments to be approved by the technicians of the appl
OpenLDAP password synchronization for users with polish charset
Hello, I have problem with synchronizing password change to OpenLDAP for users with polish charset in CN ex: „cn=Adam Łącki,ou=Work,ou=Users,ou=PR,ou=ODD,dc=domain,dc=local” When I change password for this usser in AD DS, ADSelfService Plus is detecting
owa installation
I installed version 6.1 Build 6123 on Exchange 2019 CU12 on Server 2019 I manually added the inbound firewall rule for the admin portal (as it could not work without this) I was blocked initially by Configuration:MFA:MFA for endpoints requiring HTTPS
Reset Admin Login Requirements
Hello there, I'm currently trying to repair a very broken, old, and undocumented test environment for ADSelfService Plus. When trying to access the admin logon (via /adminLogin.cc), we get the following, even locally on the server it's installed on..
Using VPN to update cached credentials ADSelfService Plus
Can someone explain to me how the VPN works with this. I have entered the VPN Settings for our NetExtender. I am just curious how this works since it is not asking for any credentials to log into the VPN. Our VPN credentials are tied to our AD usernames/passwords so just a little confused on this part of the setup. Thanks,
Secure helpdesk user verification
The helpdesk is a popular target for hackers. The most popular tactic used is social engineering. While social engineering is likely when using security questions, it is much less common if multi-factor authentication is used. A much needed feature in
GINA 2FA prompt everytime
We are getting ready to roll out this product. When I install the GINA client on my laptop, it works fine. But it is prompting me for answers to my enrollment questions on every single unlock or login. I don't want it to do that, I want it to just be
ADSelfService Plus and log4j (CVE-2021-44228)
Hi, Is the latest version of ADSelfService is vulnerable to the recent log4j vulnerability? Looking at the library files I can see both log4j 1.2.8 and 1.2.15. I really think that the home page should direct us to a status page regarding this issue. Some
Next Page