Enrollment during GINA logon
Hi, We're trying to use the ADSelfService_Enroll.hta script to force/remind users to enrol in ADSS but are having a lot of problems running it. Typically we're met with the message that the "server unreachable" when the server is in fact reachable, all
Problem with Web UI MFA Enrollment - Invalid request
Hello! I configure Adselfservice Plus server with SSL + nginxproxymanager to use full domainname with letsencrypt Problems is only with Web UI MFA Enrollment Mobile phone Enrollment - Working! Windows PC client MFA - Working!
Problem with Web UI MFA Enrollment - Invalid request
Hello! I configure Adselfservice Plus server with SSL + nginxproxymanager to use full domainname with letsencrypt Problems is only with Web UI MFA Enrollment Mobile phone Enrollment - Working! Windows PC client MFA - Working!
UpdateManager.bat GUI graphical issue
When I launch UpdateManager.bat the GUI is unreadable as if there was a refresh problem. ADSelfService Plus - v. 6.5 - 64 bit - build 6510 (also previous version)
Passwordless MFA Windows
I've heard that ManageEngine technicians are currently implementing the Passwordless MFA feature for Windows and MacOS. Please let us know the estimated release time for the update with this feature, as many businesses in Vietnam are eagerly awaiting
"reset password"doesnt appear in login screen
Hello, After installing the latest Client Software msi we do not get the line "reset password/unlock account" under the user's password. How can we get it there? When we open the "C:\Program Files (x86)\ZOHO Corp\ADSelfService Plus Client Software\ADSSPDesktop.exe" file it does work and shows us the login page. Registry settings: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ZOHO Corp\ADSelfService Plus Client Software] "PreSharedKey"="" "Version"="4.2.9" "VpnDisconnectCmd"=""
Ports
Hi there, I am sure this has been asked before but an curious as to why all these ports need to be open? Ports Protocols Services Direction 135 TCP RPC Inbound and outbound 389 TCP and UDP LDAP Inbound and outbound 636 TCP LDAP SSL Inbound and outbound 3268 TCP LDAP GC Inbound and outbound 3269 TCP LDAP GC SSL Inbound and outbound 88 TCP and UDP Kerberos Inbound and outbound 53 TCP and UDP DNS Inbound and outbound 445 TCP and UDP SMB Inbound and outbound 25 TCP SMTP Inbound and outbound 464 TCP and
Free edition email confirmation
Hello, I'm looking to use ADSelfService Plus free version for a limited temp project with ~25 users who will need to auth against a temp AD environment. ADSS will be internal-only, not public. Users will not be on AD bound machines, so I just need the
Reset admin password
Guys, Just wondering how to reset the password for the default adselfservice 'admin' account. I think I set this when installing the product but don't remember! Cheers
ADSelfSevice Plus build 6511 fixes an account takeover vulnerability
Hello Everyone, ADSelfService Plus' latest build, 6511, has been released with the following issue fixes: Issue fixes An account takeover vulnerability (CVE-2025-1723) caused by session conflicts has been fixed. Learn more. The push notification certificate
Custom message to users
Right now for users who have not passed onboarding, when trying to authorize, both Cisco Any Connect and Exchange return an error that the username or password is incorrect. Create a custom message if the user fails onboarding and attempts to authorize,
Sound in iPhone Notification
Greetings, Currently there is no sound (alert) when a notification arrives in iPhone devices. Kindly consider implementing this feature. Best regards, Theo
Password reset failed
When resetting the password via email, after entering the verification code and the corresponding answer, it will prompt 'You do not have permission to perform this action'! How to view the log?
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Hi, We get error after applying rapidssl .cer certificate. I have followed this ssl guide https://download.manageengine.com/products/self-service-password/adselfservice-plus-ssl-installation-guide.pdf. Same error with chrome and IE. How to fix this problem?
Multi-Factor Authentication on endpont - Not Working
Hi, I’m in the process of enforcing MFA enrollment and MFA on our servers/endpoints using ADSelfService Plus. After completing the configuration and running some tests, the GINA application is triggered. However, only the Reset Password/Unlock Account
Error code: ERR_SSL_PROTOCOL_ERROR
Hi, I am getting the following error when using Chrome to access my ADSelfService Site. Error code: ERR_SSL_PROTOCOL_ERROR I have already added the sslProtocols="TLSv1" to the connector, but I still get the error. On SSL Labs check, I get the following errors The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. This server accepts the RC4 cipher, which is weak. Grade capped to B There is no support for secure renegotiation. The server does not support Forward
Adding Domain in SDP
I have an existing SDP free version, my problem is I cannot add a another domain and the error is "Domain with same name already exists. Please provide different value for Domain name."
Broken logo on login and main admin screen
Hi, I have on the first screen broken logo with text AdselfService Plus (screen attached), this logo is also when admin login on main screen upper left cornet, how to remove this logo from here?
How to view or reset the default admin security questions
ADSelfService plus was set up by someone who's left & while they recorded the admin password, they didn't record the answers to the security questions. I can log on as .\admin but then get: Currently on build 6402 but about to update to 6510. Logging
expired SAML certificate MFA: how to regenerate
Good morning, I want to configure saml in mfa. I have the following error message (see attachments) indicating that the saml certificate has expired how can I regenerate it ? I don't see this option and the configuration cannot be done I tried to regenerate
Kerberos authentication support.
Dear ManageEngine Team, We recently started utilizing Protected Users for a select group of privileged accounts (as outlined by Microsoft here). However, we have observed that these users are unable to log in to AD Self Service Plus to reset their passwords.
Problem with adselfservice on-premise server migration
Hi, I need to migration Adselfservice to the new server, so I follow this official guide, but have problems: https://www.manageengine.com/products/self-service-password/kb/adself-service-installation-server-migration.html Old server is: -windows 2012
ADSelfService Plus' build 6509 released with an enhancement and bug fixes.
Hello Everyone, This is to announce the release of ADSelfService Plus' latest build, 6509, with the following enhancement and issue fixes: Enhancements The Windows login agent is now compatible with devices running on ARM64 processors. Issue fixes An
Remcom.exe flagged as malicious
Dear Support Team, our AV solution flagged Remcom.exe from version 6101 as malicious - PUA Application.RemoteAdmin.RLH. A VirusTotal scan shows that this is not an exception: https://www.virustotal.com/gui/file/d7a923357aea4f9d4e65d43d3f800fa4f3b766a825be63d798f5ff35721a462a/detection
UAC and MFA
Hi, We just realised that when we launch an app using elevated credentials the device is contacting our ADSS server. If the server is not reachable (no network connection for example) we're not able to get password the prompt and instead get a message
ADSelfService Plus' build 6510 released! Now supports macOS 15 Sequoia
Hello Everyone, We are glad to announce the release of ADSelfService Plus' latest build, 6510, with the following enhancement and issue fixes: Enhancements macOS 15 Sequoia is now supported by the macOS login agent for MFA and self-service password resets
ADSelfService Plus Fixes and Enhancements [2025]
Release Notes for build 6511 (Feb 26, 2025) Issue Fixes An account takeover vulnerability (CVE-2025-1723) caused by session conflicts has been fixed. Learn more. The push notification certificate on the ADSelfService Plus iOS app has been renewed. Release
MFA for ADSelfService Plus
Users can now choose between two Multi-Factor Authentication (MFA) methods: security questions or Microsoft Authenticator. Is it possible to enable MFA for ADSelfService Plus login only for users who have opted for Microsoft Authenticator?
ADSelfService and Password Sync Agents
Was going to test the password sync agents from our 16 domains to our main adselfservice on the top level forest. Ran out of time to test on the trial due to waiting on our network crew to open things up. If I reinstall adselfservice, do I have to have
Message "Data update unsuccessful as per standards set by the administrator. Please try other alternatives."
Hi, Got an error with ADSelfService Plus where user cannot update the Contact section. Previously, it was possible to do so. A user got a message "Data update unsuccessful as per standards set by the administrator. Please try other alternatives." when
The MFA endpoint is taking a long time to load
Currently, I am pushing the agent to the user's computer. When the user accesses the device, the MFA prompt appears but gets stuck on the loading screen for a long time (from 2 to 4 minutes). Please investigate the issue and help us find a solution. Thank
Send notification delivery status to Manager: HTM attachment?
Hello. I am trying to better understand if I can change the behavior of the service when it sends the notification to the manager, as per the configuration: The e-mail reaches the recipient (the manager) in this way: The body is empty and the text that
How do i reset user's authenicator app token to a new phone?
Hi Support, A user registered the selfservice for his old phone.But he lost his phone recently.How do i reset the user's microsoft authenicator app token to a new phone?Thank you.
ADselfserv password expiration notification
A completely stupid problem. Users who have already been disabled on the ad controller continue to receive password expiration emails. How to fix this?
ADSelfService Plus' build 6508 released with enhancements and bug fixes
Hello Everyone, This is to announce the release of ADSelfService Plus' latest build, 6508, with the following enhancements and issue fixes: Enhancements The Spring Framework JAR files used in the product have been updated to version 5.3.39. The PostgreSQL
ADSelfService Plus build 6507 released with a bug fix
Hello Everyone, ADSelfService Plus build 6507 has been released with the following issue fix: Issue Fixed: A memory leak issue caused while decrypting the password sent by the password sync agent. How do I update to this build? Update using the service
Feature Request - Password Sync Agent Status
Hi, I set up all the Password Sync Agents on the domain controllers but it looks like there is nothing in the portal to show the status of the agent. It would be very helpful if we could see the communication status of the agents on each DC and also set
[Tips & Tricks] Sending specific logs to the ADSelfService Plus Support team
While troubleshooting a issue raised by you, the ADSelfService Plus support team might request your log files for technical analysis. You can send the log files either directly from the ADSelfService Plus portal or by uploading it manually to the our
[Tips & Tricks] Removing old logs and database backups from ADSelfService Plus
You can configure ADSelfService Plus to delete outdated log files and and database backups after a specified amount of time, to automatically declutter your files and free-up disk space. Please follow the instructions below to configure automatic file
ADSelfService Plus' build 6506 released with bug fixes
Hello Everyone, This is to announce the release of ADSelfService Plus' latest build, 6506, with the following issue fixes: Issue Fixes An issue that caused users' sessions to expire during the password reset process has now been fixed. This issue occurred
Next Page