Technicians with some admin functions
Hi, Is there any way to give admin functions to technicians without give admin profile? e.g. massive enrollment by csv. And we have 2 domains but if I set a domain user as a technicias, he only see his domain. Is there any way to see both domains with
AD SelfService Plus with MSA
Hello, We have already deployed AD Selfservice PLUS and it is running as a service using a local account on our server. We were trying to maintain security by migrating the service to use an MSA for password resets rather then using a generic service
Problem with installation of new ssl certificate
Hello there, I have a problem with the installation of a new SSL certificate to my ADselfservice system. Details below: csr has been generated via web tool (Admin-connection- Generate Certificate) Csr sent to CA authority - DigiCert DigiCert sent me two
INVALID_CSRF error during reset password
Hi, When I want to reset password in web page, I get this error: INVALID_CSRF_TOKEN ADSSP version: v6.0.05 DB: MS SQL I attached my screenshot. What should I do? Thanks for helping
ADSSP Mobile App does not follow the MFA for Reset / Unlock
In recent days the mobile app for ADSSP has changed some of the functionality. One security risk which i noted is the MFA for Reset / Unlock entered in the Admin portal. We have our MFA for Reset / Unlock enabled to 3 factor authentication for reset / unlock operations. However, when performing Password Reset and/or Unlock account from the ADSSP mobile app, it doesn't follow the entered setting. It just proceeds after just 1 factor of authentication instead of the entered 3. when performing the
ManageEngine ADSelfService Plus service not starting
I am receiving the following when trying to start the service. Please advise on how to resolve this issue. Thank you, Dan
ADSSP with Read Only Domain Controller
We have an ADSSP server in our DMZ that is configured to use an RODC in the DMZ for AD access. During testing, this seemed to work perfectly. However, it appears that I did NOT test the unlock account feature... And it does not work. It returns an error
ADSelfServicePlus Service Issue
Hello I have used the installer to add the Windows Service. Edited the ADSelfServicePlus "Logon Tab" and added a Active Directory account which has a Domain Admin right added . Following this guide: https://www.manageengine.com/products/self-service-password/kb/installing-adselfservice-with-windows.html
Forced Enrollment Scheduler keeps turning off.
The Forced Enrollment scheduler keeps turning off. I can go back in and click it to make it green and turn it on again. But at the next time it's scheduled to run, it turns off. New users are not getting the login script added to their profiles and are
Cannot start server, error 503
Hi, I have such error, version 6100: HTTP Status 503 – Service Unavailable Type Status Report Message Servlet [org.apache.jsp.jsp.showLogin_jsp] is currently unavailable Description The server is currently unable to handle the request due to a temporary
Gina Cliente is storing passwords in plain text?
Hello team, in my company we are using GINA CLIENT 5.1 in windows computer, with the option of refresh the computers password by VPN. When the Gina Client finishe passwords reset process, it automatically store the user's password in (C:\Windows\Temp) plain Text, to then use that password to connect by VPN Is a very high security risk, I am very disappointed. PLS, how can I fixe this issue? Thanks
How to limit the number of mobile numbers in ADSefServicePlus
Hi how can i limit the number of mobile numbers that user can add. some users added multiple mobile numbers.
ADSSP doesn't load
Hi all, i have installed this software but, when i try to open it, it loading and it doesn't open any kind of browser. in attachment my error.
NGINX Reverse Proxy with basic authentication
Hi We have put ADSelfService Plus behind a reverse proxy (which works fine) and have now enabled htpasswd basic auth. After you enter the basic auth credentials you are presented with the ADSelfService login page. If you enter the credentials here, doesn't
Random users getting Invalid Code error when trying to register for self service
We have had random users, using both iPhones and Androids, get the Invalid Code when either scanning and manually entering the code from the Self Service page. The time and date have been verified on both the computer and the mobile device. In some instances
ADSelfService SAML Custom Application
Hi, I try to configure a Custom Application with SAML Authentication. Is it possible to modify the Target Attribute? In the target attribut i need a special name. Do I some changes in the Advanced Configuration remains unchanged the Metadata. How I can
PostgreSQL Version 11.6 not supported?
Hello everyone, We are using Build 6002 and an external postgreSQL Database. We have to migrate from Version 9.5.16 to 11.6 but we are getting error messages in the Wrapper.log INFO | jvm 1 | 2020/11/05 07:40:08 | Trying to connect to a incompatible
ADSelfService Plus
Hi It looks like removing the domain selection option is working not only for the normal user logon page, but also on the /adminLogin.cc page Now when I navigate to /adminLogin.cc I am not presented with selection between DOMAIN and LOCAL AUTH , therefore
No Data Available for Enrolment Reports an Audit reports. (Yes for User Reports)
Hi ME Team, Today I finded that all the Enrollment Reports and Audit Reports show "No Data Available", I am pretty sure that yesterday or a day earlier I ran the Enrolled User Report and it worked. I restarted the adssp server but everything was the same.
MFA email timeout
Is there a way to extend the timeout for sending the 2 factor authentication email to more than 30 seconds? I have contacted support and they attempted add a smtp timeout line to the wrapper.conf file and it still times out in 30 seconds. We are having
Does the Password Policy Enforcer works for both Windows 10 and Windows 7?
Hi Adssp team, I would like to know if the Password Policy Enforcer works for both Windows 10 and Windows 7. As additional information, we have 6009 version installed, the option "Enforce this policy in GINA/CP (Ctrl+Alt+Del) screen and ADUC Password
MFA for Endpoints
Hi I'm trying to configure MFA for endpoints. What I want to achieve is a second authentication factor during logon to workstation- Microsoft Authenticator. Everything working for unlock/reset password- logon Acceptance on Microsoft Authenticator is required,
ADSelf Service SentinelOne Reboot Problem
I am having a problem with SentinelOne rebooting the server when a use tries to reset their password with ADSelfService. Of course each vendor is blaming each other. Has anyone been able to get this fixed? I am on build 6000 and upgrading to 6002 now. SentinelOne version 4.0.4.81 Windows Server 2016
How to customize user login page
I would like to customize the User Login Page as seen in the screen shot below. I'm trying to follow the instruction for Customize User Logon Page. Located at the following address: https://www.manageengine.com/products/self-service-password/help/admin-guide/Admin/Customize-User-Logon-Page.html#FIELD Though when I get to the following section. Enabling the User Logon Box: I don't see where the Pre Defined Elements in my version of the software. See below. I'm using ADSelfService Plus Standard
How To Customize User Login Page (Updating Post From 5 Months Ago)
(Sorry as this is a reply to a post from 5 months ago, and not sure if my reply will get read, so i'm reposting here with the hope Manage Engine will respond) I just updated to the latest 6009 version and I still don't see a way to customize the user
Vulnerability
Hi, we use ME DC with Vulnerability assessment. Which has flagged up that the Apache TomCat needs updating, we are now on version 6009 how do we fix this issue? Thanks Darren
Multiple users with same email
Hi, We need to restrict users to not register or add the same email or mobile phone that another user already have. 3 Years ago in another topic, you say that is in the product roadmap to add this feature, but this don't happend. Acoording to the helpdesk answer, is users responsability not using duplicate emails or mobile phones, this approach is wrong, you say that the weakest link have the security in theirs hands. This solution don´t resolve the problem that someone impersonate a user and recover
Script Error
We are having the following problem when we use the application on a 2008 SP2 server I attach the image so you can see detail I tried several addresses at the time of installation but the result is the same
***SOLVED*** - Cant enroll after upgrade
We are running v5.8 build 5801. If a user is already enrolled in the system everything seems to work fine. I have a new user that is not enrolled in the system and when we get to the login page we click the "User Registration" link on the left hand side of the screen and we get a message that says "Please login here" above the sign in screen. If the user then tries to login using the sign-in screen he gets an error stating he does not have permission to do so and to contact the administrator. How
ADSelfService not sending the complete certificate chain (CA root and CA intermediate).
Hello, Our ADSelfService Plus is configured to use SSL certificate. To achieve that we enabled the HTTPS option under the Connection settings, and put the pkcs12 certificate in ADSelfService Plus that it is linked in server.xml like the following <Connector name="SSL" sendReasonPhrase="true" relaxedQueryChars="\" port="443" minSpareThreads="25" maxThreads="150" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" connectionTimeout="20000" acceptCount="100" secure="true" scheme="https"
GINA Client: Certificate Error
Hi folks, we use the AD Self Service Plus software in our company. We've installed the GINA client on all hosts (Laptops, Desktops...). Also we have a firewall from CheckPoint. We manage the internet access from our users with an Active Directory group. CheckPoint use this group to check which user can access the internet. And here is the problem: The GINA client comes as ANONYMOUS user and does not have any rights to access the internet. The GINA client tries to connect to some external sites. We
SMS Account Setup Verification not allowing option for Country Code
In previous versions of SelfService the country code is required for SMS (text) to function. We onboarded our first new employee today since the upgrade to 6000 (6002) and he is being prompted for his phone number. There is a + sign at the beginning, but there is no option to enter a 1 (USA). He can only enter 10 digits for the number and it fails to send the text. We have validated SMS works through the admin interface. How do we correct this?
Dual Login Prompt when accessing Self Service
Since the upgrade to ver 6000, we now get a double pop up each time we attempt to access Self Service. If we cancel, we can log in fine. If we log in using the dialog box, we have to log in a second time to gain access.
Windows Logon 2FA - Prevent on Locked screen
I've got Windows Logon MFA working on a few test machines but comes up every time the computer is locked. Is it possible to have Logon MFA only appear during account login and not for unlocking the PC?
Cannot choose options from self-service
Since the upgrade to build 6000, the self-service dropdowns no longer work. They show the text "ads.common.text.select_empty", and clicking on the dropdown provides no options, when there are really a couple dozen. Below is what I see:
How to import multi security questions & answers data from CSV file in one stage
Hi, I have multi security question and answers that want to import from single CSV file in one stage. This is not mentioned in the sample CSV file. What should I do?
How to enlarge ADSelfService Plus font size
Hi, How to enlarge ADSelfService Plus font size? The default font size is very small. Version: 5.8.16
SMS verification is not plain text in AD-SSP
Hi, SMS verification is not plain text in AD-SSP 5.8.16 and I see in mobile as below message: <div style="direction: rtl;">Dear user<br></div><div style="direction: rtl;"><br></div><div style="direction: rtl;">verification code:</div><div>87233859<br></div><div><br></div> Please fix it in next release. Thanks for helping
Where is SMS log file
I have problem in send SMS. Now I want to see log for send SMS .Where is SMS log file?
"Customize User Logon Page" link on the 'Logon Settings' has disappeared after upgrade to 5815
I am unable now to see the "Customize User Logon Page" link on the Admin page. We were running 5708, i upgraded to 5800 then 5815. At this point the Customize User Logon Page disappeared. Is it somewhere else, or did I miss something in the upgrade? How can I recover this, as i need to amend the User logon page. Thanks
Next Page