Clients installed via GPO don't show as installed in ADSSP
Hello, I have a logon script that checks if the ADSelfService Client is installed; if not, it runs the .msi silently via command line. This works just fine, and after logging in the client is successfully installed. However, when I navigate to GINA/Mac Installation -> Installed Machines, no new computers are shown. As far as I can determine, if the client is installed any way other than manually or via the ADSSP "New Installation" tab, the machine doesn't show as having a working client. Despite
How to have the support service escalation?
Hi all, Could you please to share me the contact for support escalation? I have a critical issue and pending 2 months without solution or feedback from supported. Thanks.
AD Manager Plus
We are in the process to evaluate AD Self Service Plus. Our setup works fine for Windows machines however for MAC machines endpoint MFA, after entering username and password, MFA pop up comes as blank. While the reset and unlock screen works as expected
How to mass-enable Endpoint MFA on client PCs
Hello, we are trying to roll out Endpoint MFA to all of our Windows computers. I've configured the policy settings we need but am looking for a way to mass-enable Endpoint MFA in the installed agents. From official documentation I am reading that for
Use ADSelfService Plus GINA agent without VPN to change cached credentials
Is it possible to configure a GINA agent so that it changes a cached credential but doesn't require VPN connectivity?
Implementing MFA with VMware Horizon View using Radius authentication
I am curious to know if there is a ay to use ADSSP's MFA with VMware Horizon View virtual machines. I know GINA does not work for instant clones, but I was curious if using the RADIUS setup with ADSSP and configuring Horizon View to use RADIUS would work.
ADSelfservice unavailable until I login as admin on server.
Hello, I have such problem, adselfservice is not working until I login as admin user on windows server only in this case all need services are starting. Is any way to resolve this issue, because my windows server reboots on its own in night hours after
URL for direct searching
Hi I am looking for the syntax to use in the URL to search for a specific user, something like: https://adselfservice/EmployeeSearch.cc?search="Bob" Can you help? Thanks
Password Requirements on Change/Reset Password Pages
Hello - We're in the process of updating the password requirements for the domain we have ADSSP sync'd to (8 to 12 char minimum, 90 day change cycle, etc.). As it sits, the existing page doesn't even match our current policy. We were under the impression
SelfService App XML?
Hi, We are pushing out iPads to a number of mobile users and want to have the AD Self Service Mobile App installed on each device through our MDM application catalog. In addition we want to make sure the app is deployed pre-configured with the server settings already set so there is no user setup required. Is that do-able? XML config possibly? Best Regards, Brian Mansfield
Hot to redirect HTTP to HTTPS
Hi, my adselfservice page is working on HTTPS port, and everything is working if I go to https://FQDN but if I go to http://FQDN then page is blank. Is any way to auto-redirect on adselfservice to automatically redirect to HTTPS? thanks
If service stop working what happend?
Hello, I installed ADSelfService Plus to the customer server and starts as service. Some time happned that the web console is down and I´ve looked to the service is not running (is setup for automatic startup). If I start MFA endpoind protection with
Users unable to change passwords
We have just started evaluating ADSelfService and are running into an issue where test users that have registered are unable to change their password under the Self Service tab. It lists "Domain Password Policy requirements" (which our test domain has NONE) I have also set the password strength level within the ADSelfService app to "Too short" yet still, no matter what password we change it always fails with this error: Change Password Failed The new password you chose failed to meet any or all
Change database IP in ADSS without configure again
Hi, We use SQL for ADSS in another server, and we are changing the IP in few weeks. Is there any way to change only the SQL server IP and not configure again the database in ADSS which doesn't permit to configure the same database name. Regards,
'keytool' not recognised
Hi. When I try to use the keytool command to install an SSL sertificate, it is not recognised by the command prompt. I also cant see any 'keytool' in the directory specified in the mannual. Any ideas? Thanks for your help.
MFA On A Shared Workstation
Hello I have a few users that need to access a single workstation all using a single Active Directory windows account over RDP. Is there any way we could use MFA in this workstation? The users would already be enrolled into AD Self Service Plus themselves
We keep losing our users enrollment
Every time we update the product the User Enrollment gets reset????? Why, and how to avoid this?
PENDING - 2 months & still UNRESOLVED -- ADSSP Mobile App does not follow the MFA for Reset / Unlock
I had reported this 2 months back now and this is still & definitely a Security risk here. The bug existed in My ADSSP build number 5815 & exist in every version even in 6008 It is over 2 months now and this is still not fixed... Do let me know the escalation process & the SLA for bugs resolutions We have our MFA for Reset / Unlock enabled to 3 factor authentication for reset / unlock operations. However, when performing Password Reset and/or Unlock account from the ADSSP mobile app, it doesn't
AD LDS
Can this product be used for accounts that are stored in AD LDS?
enrollment user and trusted Machine questions
Dears. How can I remove enrollment user ? note; the user account still exist and not disabled. How can I remove trusted Machine after the user check this option during MFA endpoint login process? Thanks in advance.
Upgraded from 9700 to 9800 and can't access adminLogin.cc
Hi, we patched our installation from 9700 to 9800 and can't access adminLogin.cc It keeps redirecting to authorization.do no matter what we try. Any ideas? regards, Kev
Force Enrollment via logon script: Server unreachable, right now!
I have set up force enrollment by adding the appropriate lines to my logon script, however when I log in as a user, I get a popup box that says "Server unreachable, right now!" The firewall is off on the server, and I am able to get to the web portal from the machine that gets the error. Any ideas?
MFA crash on Windows 2012 R2 endpoint (Domain controler)
Hi, We setup ADSSP in an test envrionment to see if it's fits our needs. We successfully be able to setup MFA on some endpoint (Windows 2019). One of our test server is the DC (the only one) of the test domain with Windows 2012 R2 installed. When we
AdSelfservice Gina Client button customization
Hello I would like to know if it is possible to customize or translate the GINA client button on the Windows lock screen. By default it is in English and we would like it to be displayed in Spanish. Thank you.
Couldn't start remote service.Overlapped I/O operation is in progress
Hi, I'm using ADselfService Plus build 6.0.02 and when I want to install GINA agent to our client error me: Couldn't start remote service.Overlapped I/O operation is in progress I started the Remote Registry and Server service and stop windows 10 built-in antivirus and test it again, but I still see the same error. What should I do?
How to integrate with SMS service provider by SOAP
Hi, We used SMS Service Provider that provide SOAP web service. What should I do? Do you have any solution to integrate with ADSelfService? Build No: 6.0.02 DB: MS SQL Thanks for helping
ADSelfService Plus 6008 Hotfix Release
Hello Everyone! We are glad to announce the release of ADSelfService Plus 6008 Hotfix build. Issue Fixes : Fixed an issue that prevented proper embedding of image in email content. If the Password Expiration Notification's retry option is disabled, managers receive an empty Soon-To-Expire Password Users Report on the specific days configured when no users fall under the report that day. This has been fixed. How to update? Update using the service pack. New to ADSelfService Plus? Download the fully
ADSelfService Plus 6007 released with an enhancement and security fixes
Hello Everyone! We are glad to announce the release of ADSelfService Plus 6007 build with the following enhancement and issue fixes. Enhancement: Trusted devices option for Endpoint Machine Login MFA : Users can now mark their machines (Windows, macOS, or Linux) as trusted during login to skip multi-factor authentication for subsequent logins. Admins can define how long a machine should remain trusted. How to update? Update using the service pack. New to ADSelfService Plus? Download the fully functional
ADSelfService Plus 6005 supports multi-factor authentication (MFA) for VPN to help secure your remote workforce
Hello Everyone! The latest build of ADSelfService Plus, 6005, supports MFA for VPN logins. This adds an extra step of authentication for VPN logins for enhanced security. Highlight: Multi-factor authentication (MFA) for VPN : Secure your VPN by enabling MFA via fingerprint/Face ID, Push Notification, Google Authenticator, Yubico OTP, and other wide range of authentication factors. How to update? Update using the service pack. New to ADSelfService Plus? Download the fully functional 30-day free trial
ADSelfService Plus 6004 Hotfix Release
Hello! We are glad to announce the release of build 6004 with the following issue fixes: Issue fixes: Users were not able to login using the mobile browser during SP-initiated SAML SSO. This has been fixed. Password change using the PowerShell API has been secured. Custom questions were not properly displayed when configuring the Auto Enrollment Scheduler using CSV file. This has been fixed. How to update? Update using the service pack. New to ADSelfService Plus? Download the fully functional
ADSelfService Plus 6003 Release - FaceID Support
Hello! We are glad to announce the release of build 6003 with the following issue fixes: Enhancement: Face ID authentication is now supported for MFA in the ADSelfService Plus iOS app. Issue fix: Security fix to prevent unauthenticated remote code execution attacks, which was reported by Bhdresh through our bug bounty program. [ CVE-2020-11552 ] How to update? Update using the service pack. New to ADSelfService Plus? Download the fully functional 30-day free trial now. Regards, ADSelfService Plus
Renew SAML Certificate?
So with the 6.0 Update there was an Enhancement: Enhancement: An option to renew the SAML certificate has been implemented. How to do so? I couldn't find an Option after upgrading via Servicepack. Our SAML Certificate can't be signed because it expired on 10.01.2020 Thanks in advance
Already enrolled for verification code for new users? Company email.
In my company all users and new users already have the email address on "mail" AD field, with this situation if a new user accesses to adssp portal for the first time, in order to enroll, on verification code page its visualize a message: “You have already enrolled for Verification Code” in yellow, the Welcome windows doesn’t popup and if the new user closes adssp portal without any modification, the new user will automatically enroll and appears in the Enrolled users report from admin adssp portal
Using MS Authenticator for push notification
Is there anything in the pipe works to allow push notification to work with the MS Authenticator app? get that ME wants people to use the specific product; however its just another app that users have to install on their phones. We already use the MS app for other MFA solutions and keeping that consistent would be great.
ADSelfService Plus 6002 Hotfix Release
Hello! We are glad to announce the release of build 6002 with the following issue fixes: Issue fixes: Fixed an issue which prevented sending the password expiration notification and expired password notification to users with the Password Setting Object applied to them. Fixed an issue that prevented saving multiple mail addresses under Notify Admin in the Notifications tab of Advanced Policy Configuration settings. Provision for verification of user enrollment status with Duo Security
ADSelfService Plus rolls out conditional access policies in build 6001
Hello Everyone! The latest build of ADSelfService Plus, 6001, supports conditional access policies that analyze users' risks based on their IP address, time of access, device type, before applying a self-service policy to them. This build also features some issue fixes. Highlight: Conditional Access Policy: Use various risk factors such as IP address, device type, time of access, and geo location to determine which self-service policy will be assigned to users. With Conditional Access Policies, you
Postgre SQL
Hi, is it possible to connect to the Postgre SQL Database ? Thanks, Matthias
cached credentials for remote user's PC
Hello All, With the pandemic that enforce organizations to let their employees work from home, digitization played the most important role to facilitate organizations to achieve their goals. As a result, we have all touch the challenges and benefits from digitization, specialty if the orgnization is not ready to adopt remote working or telecommuters. Thus, when it comes to access management, through reset password or unlock accounts the ADSelf service was very beneficial to reduce the cost and operation
preset colour themes
Hi, is there any way to use plain white as colour scheme? Cause the 4 preset 'dark' colours dont match with our coporate design. thanks in advance
Basic Authentication EOL?
Good afternoon, in preparation for Microsoft making Basic Authentication end of life we disabled it for the account we use for SMTP authentication in ADSelfServicePlus. We found that this broke our notifications. Any idea if this will be addressed in an update? We are on version 5815. Thanks!
Next Page