Different MFA settings for Admin accounts
Hello, I have a fairly simple and straightforward set up, single domain using ADSelfService Plus for MFA. I have it set so that computers can be trusted for 90 days, I would like to make it so that domain admin accounts can't click the trust this computer
Is it possible to use a gMSA with ADSelfService Plus?
Hello everyone! I was wondering if it would be possible to replace the Local Account running the service with a gMSA account. And If this is possible, can this account also be used for domain authentication?
Language MFA Offline
Currently, I don't see the feature to modify the language for MFA Offline. I think this is a great idea to optimize the language for users. I sincerely hope this will be implemented as an essential feature for you to develop
Passwordless MFA Windows
I've heard that ManageEngine technicians are currently implementing the Passwordless MFA feature for Windows and MacOS. Please let us know the estimated release time for the update with this feature, as many businesses in Vietnam are eagerly awaiting
Technician | Multiple Domains
Currently we have 3 Domains in our environment. When technician from domain 1 logs in they are not allowed the option to view registered users in domain 2 or 3, Only Domain 1. I know there is the option to create a Technician using ADSelfService Plus
Mobile App & FIDO2
Hi, Is there any plans to support the use of FIDO2 keys via the mobile app? We're just about to roll out around 600 Yubikeys to staff but it leaves the app unuable if that's the only MFA method we're planning to support. Thanks
Error Code: MFA-041
Hello, What could be the issue on Endpoint MFA Error code: MFA-041 ?
Enable ability to add custom URLs for SSO bypass
I currently have a ticket open to add custom URLs to the ADSelfService database for users to bypass Azure SSO. Allowing the creation of these within the platform would be much easier and time saving
Restrict Users | Based off Group Membership and/or AD Attributes*
Under License Management. Would like to be able to filter users based off Group Membership and/or AD attributes* for scheduled restrict/enabled These attributes filters could also be used under other areas.
Multi-Site Deployment for ADSelfService Plus
Hello all, We are currently evaluating ADSelfService Plus in our trial environment and would like to clarify some details regarding multi-site deployment and database scalability. Here is our scenario: We have separated the database from the application
iphone users not able to receive adselfservice plus MFA push notification.
Is anyone else experiencing this issue?
Copy / Duplicate | ADSelfService Password Expiration Notification?
Is it possible to duplicate Configured Password/Account Expiration Notifications? When trying to keep all notifications/emails to a standard is very time consuming when you have lots of rich text formatting and structure.
[Live Webinar] 4 Password Policy Best Practices for Stronger Security
| FREE WEBINAR 4 Password policy best practices for ensuring compliances Register now February 10 at 2 PM AEST| 2 PM GST | 2 PM EDT Passwords are the first line of defense against security threats, yet weak passwords remain a prevalent issue, making users
License Certificate
Hi Team, We have received the certificate license from our local distributor and request for update the license. Can you guys help to update the license certificate need for compliance document. Because on the certifcate license only inform about the
Password rules on GINA screen
Hi, When we first setup ADSS and pushed out the GINA agent the users would see a list of password requirements when changing their password from the normal change password screen in Windows however I've just noticed this is no longer there. I found this
Unabled to log in as admin
I've initially logged in as admin, and changed the password. Now I can no longer log in, it says "Invalid loginName/password. Please try again."
PostGres out of date
So, the Endpoint Central Vulnerability scanner is complaining about PostGres database components being multiple versions out of date. Could we get a update in the next patch or is there a way to manually update this? I should mention that I am on version
Recommended update: ADSelfService Plus build 6521 includes key security fixes
Hello, ADSelfService Plus' latest build, 6521, has been released with the following issue fixes: Issue fixes An issue which caused ADSelfService Plus portal logins to be slow during periods of high request load has been fixed. An issue in which endpoint
Change in Windows login agent uninstall/update method in ADSelfService Plus (from build 6304)
Hello Everyone, From ADSelfService Plus build 6304 onward, the Windows login agent can no longer be updated or uninstalled through the Windows Control Panel. To manage (install, update, or uninstall) the Windows login agent, please use one of the supported
Password (key) icon on Windows Sign-In screen disappears
Since October, we have noticed a large number of workstations with ADSSP installed no longer show the password (key) icon on the Windows Sign-In Screen. Has anyone else come across this issue? The function still works but the icon is missing so users
How can I keep certificate formats consistent in ADSelfService Plus?
I use ADSelfService Plus regularly and want to make sure every certificate I handle works consistently inside the tool. Since I am a user and not a developer, my concern comes from the practical side of using certificates in my daily workflow rather than
ADSelfService Plus 6519 enhances security with important issue fixes!
Hello Everyone, ADSelfService Plus' latest build, 6519, has been released with the following updates: Issue fixes A critical security vulnerability (CVE-2025-11250) has been identified and resolved. An issue where enrollment for Duo Authenticator through
PCs with software uninstalled still trying to connect to ADSSP server
I have two Windows 11 machines that I previously had the software installed on, then later uninstalled, all done through the ADSSP web GUI. It does not show those machines under the installed list. However, any time my ADSSP server is unreachable for
ADSelfService Plus: Imposible to LOG IN if "User must change password at next logon" is enabled
Application: ADSelfService Plus Version: 6.5.1.5 → 6.5.1.9 (Post-upgrade) Issue Description: Following the recent critical upgrade to version 6.5.1.9, we’ve observed a change in behaviour affecting user Log in on the App. In our organization, when a password
SMS Gateway not working
Hello, I am trying ADSelf Service for my company as a reset tool for our employees , one of the important features that I need is to reset password through SMS , so I contacted my Service provider to send me API access to send SMS in our company name
Kerberos authentication support.
Dear ManageEngine Team, We recently started utilizing Protected Users for a select group of privileged accounts (as outlined by Microsoft here). However, we have observed that these users are unable to log in to AD Self Service Plus to reset their passwords.
RDP Session with GINA Client freezes in Windows to blue background and "please wait".
Hello, we have Windows Servers with the GINA Client to secure it with MFA at the Windows login. When i make RDP and enter my code everything works fine. But when i lock my host computer, from where i started RDP Session and come back and unlock it, very
FIDO2 and PIN prompts
Hi, Can you confirm if this is expected behaviour and if so, can I change it? I have a policy setup to allow the use of FIDO2 keys (YubiKeys). When the user first logs into ADSS he is asked to register his key, he enters his PIN, touches the key and everything
Remcom.exe flagged as malicious
Dear Support Team, our AV solution flagged Remcom.exe from version 6101 as malicious - PUA Application.RemoteAdmin.RLH. A VirusTotal scan shows that this is not an exception: https://www.virustotal.com/gui/file/d7a923357aea4f9d4e65d43d3f800fa4f3b766a825be63d798f5ff35721a462a/detection
ADSelfService Plus 6518 delivers stronger security, performance improvements, and issue fixes!
Hello Everyone, ADSelfService Plus' latest build, 6518, has been released with the following updates: Enhancements ● The Tomcat version used in the product has been updated to 9.0.109. ● ADSelfService Plus now supports PKCE (Proof Key for Code Exchange)
Why ManageEngine forcing customers to purchase JESPA.jar?
Hi everyone. According to this article ... https://www.manageengine.com/products/self-service-password/help/admin-guide/Admin/sso-settings.html Installation with version's above 6210, need a third party commercial jar library from ioplex (jespa.jar) to
You’re invited – ShieldNXG Workshop 2025 (USA) | Hands-on cybersecurity experience
Hello, We are delighted to invite you to our upcoming ShieldNXG Workshop 2025 – USA. This event is designed for IT experts and focuses on advancing identity management and strengthening cybersecurity practices. Guided by experienced IAM and SIEM specialists,
[ManageEngine Cybersecurity Seminar] You’re invited: Reserve your passes today!
Hello, We’re pleased to invite you to our upcoming IAM and Cybersecurity Seminar in Austria. This in-person session is designed for IT and security professionals looking to sharpen their identity and threat defence strategies. What to Expect: • Live Cyberattack
[Webinar Alert]: Hacks can start from password reset requests
| FREE WEBINAR Click. Reset. Secure: Simplifying Identity Security for the Modern Workforce Register now September 10 at 11 AM EDT September 11 at 2 PM AEST | 02 PM GST Do you know that in 2025, 88% of cyberattacks involved stolen credentials? You might
[ManageEngine Cybersecurity Seminar] You’re invited: Reserve your passes today!
Hello, We’re pleased to invite you to our upcoming IAM and Cybersecurity Seminar in Austria. This in-person session is designed for IT and security professionals looking to sharpen their identity and threat defence strategies. What to Expect: • Live Cyberattack
"Connection to Server Failed. Error 400 error." when accessing ADSelfService Plus desktop site.
Currently I am experiencing "Connection to Server Failed. Error 400 error." only when I access the desktop site. The mobile site runs normally. The topology is as follows: User -> Reverse Proxy (NGINX) -> ADSelfService Plus Server. I have installed the
Machine MFA Prompts
Hi, Would it be possible to skip the first couple of windows that appear when using MFA at Windows login? For example, at the moment the user enters their normal Windows password and then prompt saying they need to use a security key, they click continue
Soon-to-expire Account Users Report to Manager shows only one User
Hi there, we have noticed that since version 6513/6514 in the scheduled reports of "Soon-to-expire Account Users" send to the managers of the users only show one user in the file attached to the mail, although there are often multiple user soon to expire
Link expire macro
Does the %linkExpireTime% macro still work? It doesn't show in the list of macros and I put it in my email message and nothing comes through. I'm running build 6515. Also, is there a way to change how long the code is valid?
Ctrl + Alt + Del in RDP
Hello, Ctrl + Alt + End (equivalent to Ctrl + Alt + Del) to change password on RDP will bypass the password policy enforcer even though the client is installed on the remote PC. If I am physically in the office with the PC then Ctrl + Alt + Del to change
Next Page