Mobile site
Its great we got the mobile version of the site but how do we direct our clients to use it? Most versions of mobile sites auto direct you to the mobile version when you hit the site if it detects a mobile device... With ADSelf service will they need to know the url as the only route? kinda useless if so. My students will never access it that way.....
Recommended Practice for Self-Service Reset?
Hi. I'm reviewing our implementation of ADSelfService Plus. Please can you confirm whether the set of questions provided with the product are intended for real-life use or only e.g. as sample questions for evaluation purposes? One or two of them seem weak. Also, is there a recommended or best pratice minimum number of questions that should be answered in order to reset a password? We are using questions-only for reset and not e.g. SMS. Thanks OS.
Certifcates from Windows Internal CA
I am suing a Windows Internal CA and want to use certificates from this CA. The guide provided here: http://www.manageengine.com/products/self-service-password/adselfservice-plus-ssl-installation-guide.pdf provides no instructions for a Windows CA. I have tried the instructions from this link: http://forums.manageengine.com/viewFile.do?fileId=49000005194646&forumGroupId=49000000002007 but also with no success. Can anyone be of assistance?
My Info Self Update Domain Controller
Was just wondering.. from what I can tell, Self Update will update either the local DC to the ADSelfServicePlus server or the one with the PDC role, and replication will immediately replicate it to another DC in the same site, from there it takes the usual replication time for the user's update to replicate to other Domain Controllers. I did however hope that "Site Based DC", which allows you to "Configure the Domain Controllers to be updated on self-service operations." would allow you specify per
Text in a button
Hi I would like to change the text in button on the attached image. Where do I go to change it? Thank you
AD Self Service on Citrix VDI
Hi How AD Self Service will work on Citrix VDI environment and GINA support on same. Regards Manish Naik
User gets "Sorry ! You are not authorized to view the contents of this file" when trying to enroll.
Sorry ! You are not authorized to view the contents of this file User was sent an enrollment invitation email. User then selects link in email and is sent directly to the ADDSP login page. User tries to login and gets: "Sorry ! You are not authorized to view the contents of this file" Where can I check to see if user has the correct permissions? Thanks
ADSelfService Plus Build 5020 released !!!
Hello Everybody! It is with great pleasure that we announce the latest release of ADSelfService Plus 5.0 Build 5020. The release brings mobile support to ADSelfService Plus to aid you in your ‘BYOD’ strategy and for a much easier self-service password management. Features Mobile Password Management: ADSelfService Plus solves password related issues of BYOD-enabled organizations. It now offers mobile support, enabling users to reset their forgotten Windows Active Directory passwords and unlock locked-out
Expired session redirect
Hi, When a user requests an unlock code and the session expires the login page that the user is redirected to (https://xxx.yyy.zzz/accounts/SessionExpiry?methodToCall=sessionInvalidate&isGina=null) doesn't show the rebranded corporate logo (broken link) or the icons for the unlock/reset functions. Note that I have customized my login screen ("DomainLogin.html") Thanks, Tom Image capture of the page with broken links:
Users can edit disabled fields in their profiles
We are using ADselfService Plus, and have discovered that users can edit disabled fields such as 'job title', which should not be editable by the user. We have found this problem in version 4.5, build number : 4544. Steps to reproduce: 1. Login to ADselfService Plus profile edit profile page. 2. Right click on a disabled field and click "Inspect element". 3. A panel will open at the bottom; right click on the highlighted line of text, and click "Edit as HTML". 4. Remove the segment "disabled='disabled'
Restrict ADSeflService access by AD group membership?
Is there a way to restrict access to ADSelfService by AD group membership? I'm aware of the OU restriction option but that is not as easy for us to achieve with our current workflow, I want to restrict terminated user accounts from being able to access during our 30 day retention period where we keep them active prior to complete removal.
GINA and GPO
Hi Is it possible to push out GINA via a group policy? Whilst I appreciate that you can install it via the Admin page it will only push the install out if the machine is actually switched on. I can not go aorund 2000 PCs and switch them all on to install? Is there any way around this? Thank you very much!
Cant reset the password the + is missing at "my mobile number"
When I want to reset a Password with the SelfServiceportal the + is missing at the mobile number, the number itself is correct but without +. If I want to continue then incorrect number appears. At the Active Directory the number is correct with + Thanks Mike
ADSelfService Plus Build 5011 released !!!
Hello Everybody! It is with great pleasure that we announce the latest release of ADSelfService Plus 5.0 Build 5011. The release brings with it some major enhancements and bug fixes. Enhancements · Facility to schedule and export audit reports filtered by Domain or OUs. · Sending SMS via Clickatell to mobile numbers with special characters has been improved. Fixed · Issue in enrollment while selecting Security Questions and when self-update is disabled. · %dateTime%
Cannot access admin portal after adding certs
Installation went OK Access to password change and admin portal were OK via http 8888, remotely and locally. Added public certs per instructions using keytool. Moved server.keystore and edited server.xml. Started service OK. Can no longer get to browser using port 8888 or port 9251. Cannot access the admin portal. Remotely, access on port 8888 redirects to 9251 and I get an 'Unable to connect' Locally, I try to access on 8888 or 9251, and i get an 'Unable to display webpage' Removing certs using
Can I see which challenge questions users have used to enroll?
Hi A question has come up regarding challenge questions. Once a challenge question has been answered by someone enrolling it can't be changed (correct me if I am wrong) - so should we need to change a question is there a way to see who has answered a particular question? Then we can assess how many people we would need to disenroll to be able to change the question. Thanks
Unable to disenroll a user
Hi I am testing ADSSP and need to disenroll all of the users. Going through Reports - Enrollment Reports - Enrolled Users Report and clicking the X works for all but one person, if I click the X next to this person it makes their detail change to bold text and doesn't disenroll them Any ideas? Thanks
ADSelfService Plus Build 5010 released !!!
Hello Everybody! It is with great pleasure that we announce the latest release of ADSelfService Plus 5.0 Build 5010. The release brings with it a slew of enhancements to Directory Self-Update and some bug fixes. Enhancements Administrators can now force users to Self-Update their information when they log in to ADSelfService Plus Users can now remove their photo during Self-Update as and when they see fit Administrators can now give users the ability to skip entering secondary mobile number and email
Gina - Windows 7 not showing
Hi, I have installed ADselfservice with no problems and been able to install the Gina on Windows XP and can see the buttons etc. I have now installed the Gina app on to a Windows 7 computer but cannot see where the user can press the reset password\unlock button on the log on screen. Am I being blind or have I missed something on the installation for Windows 7? Thanks Kev
GINA Customization
Hello, I know this question has been asked before but I need a little more help. I have attached the screenshot in case my terminology isn't correct. We want out users to only have the ability to unlock their accounts. How do we remove the Reset Password button?
Password policy
I am evaluating ADSelfService Plus and have a couple of questions. How does the application determine the password policy? We are currently not using the default domain group policy but rather other group policies applied to individual OUs. Can it handle OUs with different password policies? Is there an established way to test imminent password expirations without having to change the AD password policy for the entire domain? Thanks, Tom
Cant reset password
We just installed trial version. We get this trying to reset our passwords using link from login GINA? adssp.custom.error.text.reset_pwd_failed
Deploying Gina/CP from a server in the DMZ to workstations inside the network
Our ADSelfService Plus server running 5.0 5002 resides in our DMZ, but on the domain. So far, all functionality of the product works as expected, except when trying to deploy Gina/CP from the web app. When I try to push the installation to some computers, I get the error "The network path was not found." I have the server running on ports 80 and 443. Ports 389 and 135 are open between the ADSSP server and the domain controllers. My question is: do I need port 445 open for SMB in order to copy/push
Enable Force Enrolment Issue
Hi I was hoping someone can help me. Just tried to enable Force Enrolment and I get this message Configurations Updated Successfully! Warning: Failed to copy the logon script, ADSelfService_Enroll.hta to the scripts folder under SYSVOL share of DC. Please add the file manually. Ive copied ADSelfService_Enroll.hta to C:\Windows\SYSVOL\sysvol\domain.co.uk\scripts now But im just wondering. Do I have to manually add ADSelfService_Enroll.hta to the logon script? as that would be a big issue
Can I change the Security Que & Ans text?
When enrolling the text above the security questions says "Length Specification The minimum length of the answer(s) should be 5 characters and maximum allowed is 255 characters" Can I amend this? I would like to to say give the answer length and also to advise people that they can us pass phrases, if I can do this then I can change the questions to make them better than the standard "mother's maiden" name and other things that people can find on social networking sites! Thanks Rich
Restrict users from ADSelfService based on AD group membership
Is there a way to restrict access to ADSelfService by AD group membership? I'm aware of the OU restriction option but that would be harder for us to implement, my concern is keeping terminated employees from accessing it while their account is still active in our 30 day retention policy.
Option to change the sequence of identity verfication in ADSelfService Plus
Hi, Would like to have a option to change the sequence of identity verification. Currently it is sms/email verification code verified follow by security answer. It will be good if the security answer can come first then follow by sms/email verification code. This is to prevent any users from keep entering other perople username for unlocking account. The user who username being entered will keep receiving sms verification code. Imagine this person keep receiving sms verfication the whole day without
Automatic log out
Hey there, I want to know, if there is a possibility to automatically log out of the ADSSP after you closed the browser? Furthermore, is it possible to delete the Domain-Securitysettings? (e.g. minimum Password length etc.) Best regards, Dominik Blum bhn Dienstleistungs GmbH
How to implement ADSelfServices Plus in public network
Hi, Can you suggest a solution to implement the ADSelfServices Plus in public network? I understand the ADSelfServices Plus is internal facing, as it need to talk to the AD. If I want to make it to public, which mean our user are able to reset their password in anywhere? Do you have any suggestion? Any security concern and recommendation? DMZ is one of the method, any other suggestion which can protect the AD being hack? Thanks and regards, Carmel Lee
Migrating and Upgrading DB Restore
Is it going to be problem to Migrate to a new server / and use the new upgraded build? Migrating From - Window XP Virtual - Build 4501 To - Windows 7 Virtual - Build 5002 I'm getting error i when try to restore DB. States Version issue. Procedure? Possible? C:\ManageEngine\ADSelfService Plus\bin>restoredb.bat 130630-0200.zip This backup file [130630-0200.zip] and the current version of the product are no t compatible. Versions from zip file ::: ManageEngine_ADSelfService_Plus-4.4.0-SP-6.0.0,Manag
ADSelfService Plus Build 5002 released !!!
Hello Everybody! It is with great pleasure that we announce the business availability of ADSelfService Plus 5.0 Build 5002. The latest release comes with a service pack for existing customers to upgrade and get all the features, enhancements and fixes of its previous versions. Enhancements Option to restrict Password Expiry Notifications from being sent to disabled users. Option to modify permissions of Technicians user role. Fixed Issue in opening notifications received as email attachments with
How to add secondary email address without enrollment
Hi, I would like to know how to add 2nd email address to use for reset password? I would like to roll out the platform without any user enrollment, which mean the administrator will make ready for user. Any bulk user enroll or edit features? Thanks and regards, Carmel Lee
How to add secondary email address without enroll
Hi, I would like to know how to add secondary email address without user to enroll in the ADSelfServicePlus? I would like to roll out the system without user enrollment. All information will be provided by user and setup by administrator. So if user need to reset their password, they would able to select their default email address (e.g. Exchange) and the 2nd email address (e.g. personal address). Thanks and regards, Carmel Lee
Notify users by email
Good afternoon, To notify users by email that the password has been unlocked. like to mention in the email that was made in the machine (hostname) but the problem is that I set %hostname% but only appears the notification (IP Adress). someone can help me? Fernando Oliveira
To notify users by email (hostname)
Good afternoon, To notify users by email that the password has been unlocked. like to mention in the email that was made in the machine (hostname) but the problem is that I set %hostname% but only appears in the notification the IP adress. someone can help me? Fernando Oliveira
LDAP Macros
We are attempting to use the macros on the enrollment email. So far only the custom attribute of "username" will display correctly in the email. How can we use the default attributes, such as displayName? Currently it literally displays as %displayName%, not the ldap data intended.
Is MS SQL Server 2012 supported with ADSelfService Plus
Hi - Am I able to run the ADSSP database on SQL Server 2012 ? Thanks, Dave.
Web application access using reverse proxy
Hello, I publish Web application ADSelfService using a reverse Proxy. This application is now reachable using a URL with this format : https://XXX.XXX.XXX/ADSelfService/. Application is reachable but I've got a problem with js (javas script). js are placed in https://XXX.XXX.XXX/ADSelfService/js/ but ADSelsService try to access js using this URL https://XXX.XXX.XXX/js/. Is there a solution to solve my problem ? Regards
Unexpected and inconsistent basic authentication prompts
When accessing ADSelfService from OS X (domain-joined or otherwise), I see basic authentication prompts (screenshot below) in Chrome (27.0.1453.93) and Firefox (20). Safari (6.0.4) acts like it's trying to load the login page, but it never appears and I don't see a basic auth prompt. In Chrome, it doesn't matter what I enter in the basic auth prompt (ADSelfService credentials or enrolled AD user credentials). The prompt reappears several times, but finally the following message appears, and I can't
Emailing Enrolled Users
Is there a way to send emails to enrolled users Thanks
Next Page