"reset password"doesnt appear in login screen
Hello, After installing the latest Client Software msi we do not get the line "reset password/unlock account" under the user's password. How can we get it there? When we open the "C:\Program Files (x86)\ZOHO Corp\ADSelfService Plus Client Software\ADSSPDesktop.exe" file it does work and shows us the login page. Registry settings: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ZOHO Corp\ADSelfService Plus Client Software] "PreSharedKey"="" "Version"="4.2.9" "VpnDisconnectCmd"=""
New Installation
Hi! We're trying to implement ADSelfService Plus for the first time. We're having a heck of a time using the product. We have had very inconsistent results. I'm curious if anyone else has had difficulty getting the product running? Would you be able to provide any insights? Does anyone know of a way to get level 3 support with the product? Any help/comments/suggestions would be appreciated! Thanks, Scott
iOS/Android App Logon To Option & Push Notification Pop Up
In our environment we have 3 Domains configured and we have our users enter the Domain and Username in the following format when using AD Self Service Plus Domain\Username. No issue there but, on the iOS App it shows the Logon to option where as in the Android App it does not. Any particular reason why? Is there a way to make it standard for both? (see screenshots below) We would like the Logon To option to be hidden from the mobile app as well, as we have disabled the "Show 'Log on to' option
large files mdmp extention
Hello, After a support session from one of the ManageEngine employees we've got a large ADManageEngine folder filled with .MDMP files. The folder is about 10GB in size, "8,16GB" files in the \bin\ folder, all files with the following names: hs_err_pid276.mdmp - 246mb hs_err_pid868.mdmp - 260mb hs_err_pid1572.mdmp - 258mb hs_err_pid1708.mdmp - 255mb hs_err_pid3032.mdmp - 252mb What can i do with the files? Can i delete them all?
Password Expiration Notifications
ADSelfService is not delivering Password Expiration Notifications for all users. I have it configured to email the user daily at the start of 14 days up until the day of expiration or when they change their passwords. There are users that are not receiving the notifications and there are some that will receive them but not everyday or suddenly stop. I have verified that the Domain Controller is configured properly, and that all OU's are selected. What could be causing this issue, as logs don't
ADSelfService with Load Balancer and https
We are trying to setup ADSelfService on AWS. ADSelfService installed on EC2 instance and we put AWS ELB (Classic) in front of the instance. This ELB is only used to serve https from user to adss. However on login page we get problem where captcha image url is using http instead of https so browser does not load this image and give warning of mixed content. Are there any settings that we have to do for this kind of setup so all URL from ADSelfService is https? Thank you in advance.
Email Notification select specific OUs not working?
For some reason, when trying to specify an OU in the To: [domain] field for "Send Enrollment Notification via email", it persists to ALL. It never allows me to specify an OU. I thought this was a browser issue, but it happens on all browsers, all systems. so its repeatable. Why am I unable to target specific OUs? Am I missing something here? Running on the latest version of ADSSP.
Upgrade to 5315, Users cannot change passwords
08.12.2016: Unfortunately, removing KB3167679 did not work for our environment and the Support team has indicated we'll have to await a solution from their development team. Awaiting final resolution. UPDATE: Contacted support regarding this issue; appears to be a problem with build 5315 I believe. Awaiting resolution from support team. After upgrading to build 5315 some of our users are reporting issues resetting or changing their passwords, even though they meet the security requirements. The Password
ManageEngine ADSelfService Portal - Unlock Account not working
Hi, I've just deployed ManageEngine's ADSelfService and noticed that the account unlock feature doesn't appear to work. I've gone through the steps of enrollment then went on to lock the account, go through the unlock account feature, get a confirmation that my account is unlocked but when I look in Active Directory, the account's properties still indicate the account is locked. Can someone let me know what is the best way to troubleshoot this? I can see the unlock request logged in the dashboard
Cannot configure certain features
Hello, I'm having an issue with trying to configure email notifications. Actually it's 2 issues. 1 - I cannot successfully get to the Server Settings section under Admin -> Product Settings. Clicking Server Settings will load some of the page, but I cannot see anything under the Mail Settings tab. I can also not click SMS Settings or Proxy Settings to load those tabs. Both the Connection and Windows Service links under Product Settings seem to work fine; it's just Server Settings where I have
SQL Database Move
I am very new to ADSelfService Plus ver. 4.5 as in, our team recently acquired ownership of the production environment. our DBA team has informed us they need to move our sql instance to a new server. what is the best practice for updating the sql configuration? i found this KB https://www.manageengine.com/products/service-desk/help/adminguide/introduction/setting_up_database.html#Configuring MS SQL but was unable to locate a file changeDBServer.bat and the KB doesnt really specify what version
ADselfservice Plus postgres credentials
We are trying to auto enroll users and need to gain access to the postgres database to do so. Please provide me with the default username and password for the postgres database
Monitors Flickering after installing GINA client on some machines
I am testing this solution but have run into an issue where some clients are causing the screens to flicker and become unusable. Once I remove the client, the flickering stops. This occurs even after rebooting the computer.
Black screen upon logon (30-60 seconds)
Hey there, We're running version 5309 with GINA client 4.2.9 on our endpoints and several of our users have noted a black screen at logon that delays logon times by up to 60 seconds. We've replicated this issue and removing the GINA client removes the black screen and additional logon delay. Has anyone else experienced something similar or know of a known bug. I didn't see any comment towards this in the release notes so haven't felt a need to upgrade.
Client software installation
Good day I have just tried doing a manual installation of the the client software on an end user machine then restarted. I was expecting to see the addition of the ADSelfService components on the logon screen but nothing happened. I was asked to input the server name and port during install. The client OS is Win7 Enterprise. How would I make sure the client installscorrectly to allow proper usage by end users. Regards
iOS/Android Configuration Issues
I really need assistance with an issue I am experiencing where I am unable to configure our Server/Site settings for iOS and Android mobile applications. We recently made the site accessible to the public internet, we have the site configured through an F5 balancer but since IP space in our environment is extremely limited we were forced to use SNI which allows the server to connect to multiple SSL Certificates to one IP address and gate. If I configure the settings on the iOS/Android application
ADSelfservice App (IOS) not working
Hello, The app for the ADSelfservice portal is not working. Also, access to the mobile site via Safari is not possible (anymore). Chrome however, installed on IOS, works. most likely this has something to do with the SSL ciphers. I modified the server.xml as described in the fix for the "weak ephemeral Diffie-Hellman public key" issue. Still the app and Safari is not working. I am running on the latest version of ADSelfService. how to fix this ? kind regards, Marco Nedermeijer
ADselfservice Portal not working in chrome 48.0.2564.103
We are getting below error while opening self-service portal in google chrome. This webpage is not available ERR_SSL_VERSION_OR_CIPHER_MISMATCH A secure connection cannot be established because this site uses an unsupported protocol or cipher suite. This is likely to be caused when the server needs RC4, which is no longer considered secure. How it is working in IE.
Unable to reset admin password
I believe we were using a service account to query our AD. That account was compromised and therefore disabled. We now can not login to the console. I reset the ADMIN password using the .bat file .. one issue (I think) is that on the login screen the Log on to: drop down only has our domain listed .. I put in the admin admin and it fails .. I tried local\admin for user name but that failed as well. Ideas on how I get back in?
AdSelfService Plus Multi Domain
Does ADSelfService Plus support multiple domains? If so how do I go about setting it up.
SelfService mail server fail
Mail service from SelfService has quit. I have tried to send test emails, which also fail. Where can I find a report that may say why? We use basic settings for outgoing mail (anon, port 25, SMTP w/ no SSL/TLS). The host server can reach the mail server (AD Manager is working fine). Thank you!
Policy Configuration
I have a policy setup to automatically unlock user accounts if part a specific group. An account got locked out and nothing happened. I am confused by one of the settings, the automation tab. Not sure if I have this setup correctly.
Error durring patch
I get the following error when patching from 5306 to 5307.. Please advise. Unexpected Error. Please click View Log>> for more details java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at com.adventnet.tools.update.installer.Unzipper.contextPostInstallation(Unzipper.java:1421)
Soon-To-Expire Scheduler for Fine-Grained Policies
I'm curious to know if anyone has been successful with using this tool against Active Directory with a PSO Fine-Grained password policy? I'm wondering if there is any way, we can configure ADSelfService Plus, to use something other than the Default Domain policy within AD. We have several different types of password policies, we have multiple agencies which have different standards. With that said, we utilize a method of password policy management, which is known as a PSO policy against Global Security
ShowADSSPTile
AD SelfService Plus, Build Number : 5305 'ShowADSSPTile' is 'FALSE' but Tile still appearing: Client OS: Win 7, 8.1, and 10 I only want the ‘Reset Password/Unlock Account’ link at the logon prompt and not any separate tile. Please Advise?
SSL is kicking my butt
I have SSL working but not on my fully qualified domain name. For example: https://server/ comes up fine, but if I use https://server.mydomain.com/ then it throws a certificate error. I have installed self-signed AD certs. I have also tried installing with my GoDaddy certs, but the ADSelfService pages won't even load when I do that. Also, my godaddy certs are not like the ones given in the examples. My boss is insisting that https://server.mydomain.com/ functions warning-free before we deploy.
Not working after installing new certificate
Our ADSelfService portal was using a certificate which gave errors with Chrome and Firefox (“Server has a weak ephemeral Diffie-Hellman public key”), so I bought a new certificate. I created a new keystore for this new certificate and modified the server.xml: <Connector SSLEnabled="true" acceptCount="100" clientAuth="false" connectionTimeout="20000" debug="1" disableUploadTimeout="true" enableLookups="false" keystoreFile="./conf/sspapplusrtdcom.pfx" keystoreType="PKCS12" keystorePass="******"
Problem to register new entry in a DropDown list
Hi We have a DropDown List for psysical locations related to the Office Field in Active Directory. When i am tryying to add a New location I got this Message I am here triing to add 'Berglund' and it is not a dublicate. Whatever I Write her I get the same Message. Any Idea why this hppens? I have done this before without any problem. Since last it worked ok, I have upgraded to Version 5.305. Regards Reidun
Cert error on Iphones and Androids but working ok on PC.
I am getting certificate errors on iphones and Androids, with assistance I was able to get the correct cert installed and working ok on IE and pc web browsers but we are still getting the error on phones which is where we hope to use this. We might use the application for the phones but for initial enrollment email they are required to click on the email web address and enroll, this is where we are having an issue.
SMS not send
Hello, When a user tries to unlock/reset password through the web interface he/she doesn't get a SMS with the verification code on their mobile phone. We can send a test sms to the same number from the admin page though. Settings: Clickatell SMS gateway activated (if it isnt activated we cant send a test sms through the admin page) SMS credits ( there are enough credits available) Please help me out because we cannot implement this package for our organization this way.
GINA not pushing correct URL on client computers
Hi, We're having an issue where the GINA does not update or push the correct configuration to the client. We tested the app with HTTP and use the server name URL then decided to enable SSL with a different name for the web server. This new URL, even though updated properly in the web interface is not pushed on the client and therefore the client machine gets a invalid certificate error since the name of the server that is in the registry does not match the certificate. IS there a way to force the
ADSelfService Enroll.hta
What permissions it should have an account to download it to ADSelfService Enroll.hta to SYSVOL, where it is described in the documentation?
After enabling SSL on ADSelfService, Single Sign On does not work and asks for credentials....
We have ADSelfService work with single-sign-on on HTTP without any issues. I decided to purchase a SSL certificate and assign an external domain to the server in order to have it accessible from the internet. After the wonderful help from MangeEngine support, I was able to get SSL working on the site with the port 9251. Now the issue is that when I access the site from any computer internally, the single sign on does not work any more and I get prompted to enter my domain credentials before been
setting up SSL via tomcat/adssp
So, I've created a new java keystore using the keytool app, I've imported our companies public and signed certificates to that keystore. I've copied the keystore to the /conf/ folder and renamed it to selfservice.keystore. I've adjusted the server.sml to point to the new keystore and added a few recommended options to get our certs to load: <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" name="SSL" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
Trying to implement SSL for ADSSP
So, I've created a new java keystore using the keytool app, I've imported our companies public and signed certificates to that keystore. I've copied the keystore to the /conf/ folder and renamed it to selfservice.keystore. I've adjusted the server.sml to point to the new keystore and added a few recommended options to get our certs to load: <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" name="SSL" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
AD Self Service Plus icon missing
After installing the product on a 2012 server, it ran. I made changes that would allow for SSL. I had to restart the server in order to complete the changes. After I shutdown the AD SelfService Plus server it would not come back on. Then I remembered I had set it to run when windows starts. So I rebooted the entire server. It still will not come up. I looked in the install directory, but there are no exe's to run. Additionally, there is no program called AD SelfService Plus in the start menu.
Enrollment notification email message
I have an issue when trying to change the email enrolment notification. When I try to change %userName% to anything else, it does not work. Eg, if I try to change it to %givenName%, the email will just show Dear %givenName", instead of the user's given name in AD Example: Dear %userName%, We have deployed a password self-service tool to help you reset your Windows domain..................... This works and will show the username in the email (eg, Dear John.Smith) Dear %givenName%, We have deployed
Error To Transfer To SQL Database
Unable to transfer to SQL database , I got below error at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at java.awt.EventQueue$4.run(Unknown Source) at java.awt.EventQueue$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at java.awt.EventQueue.dispatchEvent(Unknown Source) at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown
Settings not being saved when setting Security Q&A Strengtheners
Hi I am running ADSelfService Plus and have chosen to display 2 Q&A to the end user but they are coming up one by one and any setting I add to the Q&A settings page even after a save revert back to being ticked Display 0 questions out of 2 at random and not keeping my radio button for all security questions. I have tried restarting the service but it is still the same. Thanks
Problem while restoring db
Hello, I'm working through a project to migrate our 4.5 AD SS server from an XP machine to Windows Server 2012 VM. I have successfully upgraded AD SS v4.5 to v5.3 w/ SP 0.1 (build 5301) on the XP machine, installed 5301 on the new server, and verified that the old XP installation and the new 2012 install are working. While following this article; I have attempted to restore the XP database.zip file to the new server, but receive the error "Problem while restoring db". I have also reached out to
Next Page