SAML and Multiple Domains
Hi, I'm looking to setup ADSS as a SAML server for Password Manager Pro but have a question. We have 2 domains, there is no trust relationsip between them so curently users need to pick the domain they're logging into. Is there anything special we need
Windows 10 Gina Not Working
Hello, We are installing the GINA manually on Windows 10 computers and the "Reset/Unlock" button never appears at the login screen. We are at loss for what may cause this. Thanks for any help!
No domain could be discovered but domain already exists
Hello, My ADSelfservice Plus configuration was working well for weeks and since yesterday the access to reset password is denied for users. When I'm clicking on domain settings it says "No domain could be discovered. Please add domains manually" and my domain does not appear anymore. When I'm trying to add it manually the answer is that "Domain already exists" What could I do to resolve this ? Thanks in advance
How to import multi security questions & answers data from CSV file in one stage
Hi, I have multi security question and answers that want to import from single CSV file in one stage. This is not mentioned in the sample CSV file. What should I do?
Vulnerability
Hi, we use ME DC with Vulnerability assessment. Which has flagged up that the Apache TomCat needs updating, we are now on version 6009 how do we fix this issue? Thanks Darren
Your account is not configured for Multi-Factor Authentication. Please contact your Administrator.
I am trying to enforce MFA enrollment and MFA on our superadmin accounts in ADSelfService Plus. The superadmin accounts are a couple of user accounts synced from Active Directory. These user accounts are in their own OU in AD and do NOT have any other
Anyone using Twilio for SMS message sending?
I'm trying to get the Server Settings 'custom' page to work with Twilio's API to send messages and so far I've not hat much luck, I hope I'm just missing something obvious. Are you actively using Twilio as your service provider and if so what parameters did you have to pass from ME to get it to work? Thank You, John
AD SelfService Plus with MSA
Hello, We have already deployed AD Selfservice PLUS and it is running as a service using a local account on our server. We were trying to maintain security by migrating the service to use an MSA for password resets rather then using a generic service
Problem While Sending SMS
Hi when I want to send a test SMS in ADSelfService, the message "SMS sent successfully" will be shown. but No SMS will be sent and in Serverout0.txt log file i can see http url address page as html. Also I have tested SMS service with same parameters
Character marks appear in Password
Dear All, Currently, in the process of changing Password, I have discovered that there is a Unikey/Vietkey character mark in the Password for Users in Vietnam Region. Because here User uses Unikey / Vietkey as the main, so when changing Password, there
Adselfservice_enroll.hta not working
Hi, I've created a domain strategy and I 've configured force enrollment linked to this strategy. I 've noticed that the Adselfservice_enroll.hta script is stored in the sysvol directory on domaine controler . What is exactly the mechanism to copy the script on the sysvol ?whose user is copying the script? When i logon PC there is no windows message to force enrollment. How Adselfservice_enroll.hta is triggered ? What should i do ? Thanks Franck
HTTP 401 Error on login page.
Not sure what's causing this, but it started yesterday morning, for no apparent reason. The Admin login page still works, and if I turn off SSO and hiding the admin login, it works fine. Except that I really need SSO for this solution to be worth anything to my organization. Any suggestions?
Case #3300187
I am extremely disappointed in your support!! I have had an open case since last night and have not gotten one status update. No one is able to help me with this case and when I contact support no one can tell me anything. YOUR SUPPORT IS HORRIBLE!!!! I am escalating this to my superiors who will be contacting you. You should be ashamed!!!! I will be posting this to each of your different product forums so everyone can see what type of support system you have!
Domain status query
Hi Team, I have added domain with user having domain admin rights. IN domain setting status is showing success as well. After that on that user I have given limited permission on AD however in Domain setting status it is still showing as success. Could you please let me know what could be the reason? Please refer the attached snap shots as well.
GINA Deployment hangs
Hi There I am now frustrated the maximum! I am deploying the GINA APP from the server to the client machines. It hangs on "processing" and that's where it stays. If I check the software has successfully loaded on the machine but it does not update the server with "successfully installed". I have to stop the services, then start them again to then do another deployment. Please can you assist with what I am perhaps doing wrong?
AD SelfService Plus Diffie-Hellman fix version 4.5 4570
Our AD Self Service Plus is currently version 4.5. Is there a supported fix for the weak public encryption key issue (Weak ephemeral Diffie-Hellman public key)? If not, is there a supported upgrade path from 4.5 to current version (5.3?)? Thanks, Dan
AD Self Service Plus Certificate
Is there any way to create a certificate request that contains a certificate template or anything other than a .csr? I want to sign the certificate from my own Certificate Authority but the web enrollment doesn't allow using Cryptography below windows Server 2008 and thus will not issue the more secure Certificate's from the web enrollment using the .csr as generated from the ADSS web page. Thoughts or work around?
Custom SMS send Non-English message text displays incorrectly
I configured the SMS send by 3rd gateway. They told me that the Chinese encoding format used in the request reply process is UTF-8. No matter whether I configure the HTTP request header, Non-English message text displays incorrectly. Messages received on the phone like this。After "test" that is Chinese text
Global personalize setting for technician
Hi Team, As of now for each and every technician(super admin) we need to do manual setting in personalize. Is there way where we can set global setting for this? I do agree if technicians are from different time zone at that time we must need to set manually, what about technicians are from same time zone? Thanks Arjun
Performance issues (slow logins) - Potential new customer
Hi all - I'm currently trialing ADSSP with a view to purchasing it for around 5000 users. It's by far my favorite product, however I'm trying to determine why I'm consistently facing 7+ second delays when; - entering a username to enroll - entering a username to reset a password/unlock account - entering an answer+CAPTCHA to continue login as a user Now, I've read these forums and checked all the standard things (FQDN for DC's, a live and local DC being at the top of your list, correct ports being
RDP Session with GINA Client freezes in Windows to blue background and "please wait".
Hello, we have Windows Servers with the GINA Client to secure it with MFA at the Windows login. When i make RDP and enter my code everything works fine. But when i lock my host computer, from where i started RDP Session and come back and unlock it, very
Multiple SMS while resetiing password
Hi all, Just we are trying Ad selfservice plus, Product details below. Product version: 5.3 Product architecture: 64 bit Build no: 5318 Our domain controller in windows 2012 and Forest function and domain function in windows windows 2012. Currently we have 3 domain controller and in AD self service plus we had entered all three domain controller in domain settings on AD self service plus and we enabling the SMS and Mail notifications while user change their password and during the unlocking.
Windows 10 Preparing Windows hangs
I'm having a problem with the enrollment screen on windows 10 devices. When a new user that is not enrolled logs into a machine it hangs at the preparing windows screen, I've left it for 5 minutes or so. If I press CRTL-ALT-DEL at the preparing windows I can cancel the initial screen that windows brings up then I'm immediately prompted to enroll the user. This does does not happen on windows 7. Also, logins work normally for enrolled users, or users that don't require enrollment. In troubleshooting
Sophos Encryption installed
HI Team, In our Environment Sophos is being used as an Encryption Software. you have mentioned for Gina agent for Sophos Safeguard Disk Encryption no configuration is required. We are unable to get the RESET/UNLOCK option can you let me know the steps.
Password Change notification
Hello, I'm trying to setup the password reset/change/unlock email notification. I have the server information setup and I can send a test email successfully to our admin account. I ran a reset on a test account and I did not receive the email notification. I thought to look in the personal information portion, but I can't see where an email address would go. Did I miss something?
Installation SSL FOR ADSelfService
Hi, We are using ADSS inside our domain. How to generate keystore file from our internal CA, which script or keytool can we use? Thanks, E.
Reset Password/Unlock Account at login screen does not close when clicking on the red X
When users click on the reset password / unlock account at the login screen (Windows) they are having issues with closing the popup window. Half of the time, clicking on the red X in the right hand corner doesn't close out the window (see attachment).
Getting SSL Error with Comodo Cert
Hello everybody, the last couple of days i've been struggling getting my SSL cert up and running. I got my SHA 256 cert from comodo and followed the steps for the keystore. To only thing I changed is that I used COMODORSADomainValidationSecureServerCA.crt and COMODORSAAddTrustCA.crt instead of the UTN ones. Error when loading the site...ERR_SSL_VERSION_OR_CIPHER_MISMATCH on Chrome and SSL_ERROR_NO_CYPHER_OVERLAP on Firefox (tested it on multiple machines, all with clear cache). I then saw the tip
ADSelfService_Enroll.hta -message appears "Server unreachable , Right Now! ???
I wanted to update the ADSelfService_Enroll.hta file I have in group policy with the latest version (from the last patch I put on 11/20/2015)- I double clicked it to test it to see what my users will see and that message appears. The group policy version (7/20/2015) doesn't give any message - I'm not even sure it's working anymore. Any help? thank you, Jamie Brewer
RDP crash
Afternoon everyone We've just installed the trial version of AD SelfService Plus with a view to purchasing the professional product. However, when we try to use our Microsoft RDC and start typing the username it crashes when we write the second character! Any ideas? Thanks
Enable Hide Self-Service Admin Login
Hello I unknowingly enabled the 'Hide Self-Service Admin Login' without providng exceptions. How do I re-enable it or be able to login as admin ?
Password Sync Issue
I am having an issue where ADSelfService will successfully reset a users password when using the "Reset Password" option but it does not appear to Sync with the Domain Controller. I have checked the Domain Configurations and everything appears to look correctly. The weird thing is that we also use ADManager Plus and the same exact domain settings are configured and when performing a password reset it is successful. Any solutions? Is there a log that I can view to see if I get any additional information?
SSL Keystore
I have created a new keystore both using the web tool wizard and by hand using keytool csr via command line instructions straight from tomcat. When I change the server.xml file to point to the new keystore and reboot the service, I can no longer access the selfservice site. The service is running. I do not get any errors from any of our browsers. I see that there is an option in the server.xml connector that is debug=0 I have not found any information on this setting. Is there a place where I can
SQL Query to Fetch Enrollment Data
Hi All, We have successfully used the external data source option to connect to an MS SQL Database so we can setup regular Fetching of user enrollment Data. We plan on asking users 2 security questions when they need to unlock their account or reset their password. 1. What is your date of birth (dd-mm-yyyyy)? 2. What year did you join the company (yyyy)? Our development team has kindly setup a custom view in the database we are connecting to to pull enrollment data into ADSS Plus. This is called ADSelfServicePlus.vwStaffDetail
adssp.common.text.message_failed
Dear Team, I got attached error massage when sending test sms. Pls check and give me a solution. Thanx
Silent install of Mac login agent
We have a Windows domain populated with both Windows and Macs. We are able to use the GINA install in the portal to push the GINA agents to Windows workstations (the service is running as a domain admin). The portal does not work with installing the agent on Macs. Is there a way to run a silent install of the agent on Macs? Thanks, Kevin
Internal SSL Configuration
Good Evening, I am trying to setup ADSelfService Plus to use HTTPS and we are using an internal certificate (Windows 2003) CA, I have reviewed the documentation around setting up SSL but the documentation mainly refers to external CA partners is there a document or guide I am missing that has the detailed steps required to set this up at all as at the moment I can't get the solution to work using SSL. Basically I set it up and when I login I get a standard IE error message about trusted sites I click
USERS UNABLE TO UPLOAD PICTURES IN AD
Hi all, I managed to install trial version in my PC and I was able to upload my Profile Picture in AD and hence reflected the same on Outlook by using your tool.However other users are unable to upload their pictures, so I am the only one who can.Can you please explain to me why is that happening, whether it is licensing issues. i work for a bank and i would like to purchase this solution however with no proper motivation and required number of users for test i wont be able to achieve that. please
Running as NT service not working properly
I would like to run ADSS as a service but am running into a few hangups. 1. The service starts successfully on boot up but the portal page is not available until i log into the computer and start the portal piece. This also means that I must remain logged into the server for ADSS to work. 2. We do auditing of password changes and lock outs. When a user resets their password or unlocks their account, the alert is coming through but is showing that I performed the change (I assume because I
selected container (domain/ou) is empty, no users found
hi there, I have build number 5.3.5310 running of AD Selfservice. I have created an account to start the service and this account has rights in all my OU's to read AD information. Some of the OU's with users are not seen by the software and i don't know why. What am i doing? I click on Administration -> Administrative tools -> Quick registration -> e-mail. I select a OU and click to sent mail. Some OU's don't work and show the above message. Other OU's work fine and e-mails are being sent. However.
Next Page