Exclusive webinar series on cybersecurity and IAM - Reserve your spot now
Hi, Remote work is the new normal, and it isn't going away anytime soon. While most employees prefer the comfort of their homes, they don't usually have access to enterprise-grade security that on-site employees enjoy. A recent FBI report brought to
Mobile App not working since Build 6114
Hello Everyone, Since updating to Build 6114 the mobile App stopped working on our End. After typing in the Server Configuration, the Connection can be established. unfortunately, we get an "unexpected error" when trying to reset the password while the
Clients installed via GPO don't show as installed in ADSSP
Hello, I have a logon script that checks if the ADSelfService Client is installed; if not, it runs the .msi silently via command line. This works just fine, and after logging in the client is successfully installed. However, when I navigate to GINA/Mac Installation -> Installed Machines, no new computers are shown. As far as I can determine, if the client is installed any way other than manually or via the ADSSP "New Installation" tab, the machine doesn't show as having a working client. Despite
Skip MFA when ADSelfService is down does not work for OWA login MFA
We had to shut down our internal AdSelfService server for maintenance and this is what our users were greeted with when they tried to log into Exchange. No one could bypass the MFA error page despite us having the bypass checkbox selected.
How to mass-enable Endpoint MFA on client PCs
Hello, we are trying to roll out Endpoint MFA to all of our Windows computers. I've configured the policy settings we need but am looking for a way to mass-enable Endpoint MFA in the installed agents. From official documentation I am reading that for
Use ADSelfService Plus GINA agent without VPN to change cached credentials
Is it possible to configure a GINA agent so that it changes a cached credential but doesn't require VPN connectivity?
New Login screen --> traductions not working
In the new login screen in 6114 i can see "enter your password ..." switching to french language, this message is not translated I ve also modified the properties file to translate by myself, but it's not working Thanks
ADSSP Dasboard view doesn't display desired information
The ADSSP dashboard by default only shows the current month Audit Reports (i.e. Reset password, Unlock accounts, change password, etc) However, there is no option provided for the Admins to make it show the total usage of it in the entire year. It only
ADSelfService Plus' latest build 6116 released with some security fixes
Hey there! We are delighted to announce the release of ADSelfService Plus' latest build, 6116, with the following issues fixed. Security Issue Fixes : All the API endpoints have now been strengthened to be more secure. A security vulnerability which allowed
Mobile App vulnerability
Adding to the vulnerability reported in https://pitstop.manageengine.com/portal/en/community/topic/adssp-mobile-app-does-not-follow-the-mfa-for-reset-unlock The enabled setting: Self-Service > Multi-factor Authentication > MFA for Reset/Unlock > MFA for ADSelfService Plus Login When using Change Password on the Web-browser of a laptop/desktop, this bring a MFA option to go through which is good and needed. However, when performing Change Password from the mobile app, there is No MFA requested..
Secure helpdesk user verification
The helpdesk is a popular target for hackers. The most popular tactic used is social engineering. While social engineering is likely when using security questions, it is much less common if multi-factor authentication is used. A much needed feature in
ADSelfService Plus 6114 Security Fix Release
Hello Everyone, The latest build of ADSelfService Plus, 6114, fixes an important vulnerability and introducing below feature and enhancement: Security Issue Fix: An authentication bypass vulnerability affecting REST API URLs, that could result in Remote
Register now for our free ADSelfService Plus Online training series
Hello, ManageEngine is back again with another series of online workshops to help you make the best use of our integrated password management and single sign-on solution- ADSelfService Plus. This free live online training will be your guide to eliminate
FBI, CISA, and CGCYBER strongly urge organizations ensure ADSelfService Plus is not directly accessible from the internet
I am reading the following on https://us-cert.cisa.gov/ncas/alerts/aa21-259a FBI, CISA, and CGCYBER strongly urge organizations ensure ADSelfService Plus is not directly accessible from the internet. But then the solution isn't accesible for the users
Unnecessary change introduced in latest Build 6114
the latest build 6114 is causing users to enter and re-enter CAPTCHA code twice instead of once, which was working fine in the previous build. Also, the first attempt to log in does not even present the option the type in the password. Please see attached
ADSelfService Plus' latest build 6115 released!
Hello everyone, We are glad to announce the release of ADSelfService Plus' latest build, 6115, with the following issues fixed. Issue Fixes : When a custom attribute's display name containing \ or " was added to the employee search display column, no
ADSelfService Plus 6112 Hotfix Release
Hello everyone, We are glad to announce the release of build 6112 with the following enhancements and issue fixes: Enhancements : Mac Agent support has now been introduced for macOS Big Sur. Mobile app support to block specific email domains and mobile
ADSelfService Plus 6113 Hotfix Release
Hello everyone, We are glad to announce the release of build 6113 with below issue fixes: Issue Fixes : An issue which restricted users with special characters in their passwords from logging in to the portal via the mobile site has now been fixed. An
Implementing MFA with VMware Horizon View using Radius authentication
I am curious to know if there is a ay to use ADSSP's MFA with VMware Horizon View virtual machines. I know GINA does not work for instant clones, but I was curious if using the RADIUS setup with ADSSP and configuring Horizon View to use RADIUS would work.
Password Sync tool
Sentionalone is quarantined passwordsync tool on domain controller ,firstly it is unsigned exe second its trying to change Registry its being quarantined.
Upgrade failed to _6_0_0_SP-9_9_0
Dear Team, I am using version build 6008, downloaded https://www.manageengine.com/products/self-service-password/5311766/ManageEngine_ADSelfService_Plus_6_0_0_SP-9_9_0.ppm to upgrade. I got the message that the upgrade process was failed and uninstall
ADSSP Client and Duo Logon
We currently use Duo Logon (Windows/Mac/Linux) for 2FA on all end points because it has an "offline" option on Windows and Linux as well as supports RDP and SSH, which ADSSP Client MFA does not support. However, we would like to add the ADSSP Client
Technicians with some admin functions
Hi, Is there any way to give admin functions to technicians without give admin profile? e.g. massive enrollment by csv. And we have 2 domains but if I set a domain user as a technicias, he only see his domain. Is there any way to see both domains with
Granular permissions for technicians
We have multiple technicians who help our customers and if can we add more Granular permissions to technician roles so that instead of giving them "ADMIN" access we can give them limited access to enroll/edit individual users or bulk edit/enroll users
ADSelfservice unavailable until I login as admin on server.
Hello, I have such problem, adselfservice is not working until I login as admin user on windows server only in this case all need services are starting. Is any way to resolve this issue, because my windows server reboots on its own in night hours after
Integration ADSelfService Plus with ServiceDesk Plus [Problem / Error]
ADSelfService Plus 6.1 Build: 6111 ServiceDesk Plus 11.3 Build 11303 Failed to connect to the server. Check server connections and Try again. Error code: [17:59:31:656]|[08-10-2021]|[com.manageengine.adssp.client.admin.ConnectionServlet]|[INFO]|[83]:
Request add more method for support 2FA
1. Mobile Authenticator of ADselfservice or 3rd party 2. Multi-protocol security key such as yubikey by yubico | https://www.yubico.com/products/yubikey-hardware/ 3. FIDO2 for passwordless authnticate https://fidoalliance.org/fido2/ Thank you for build great app and great support.
ADSelfService Plus' latest build (6111) released with MFA for OWA, OAuth and OpenID Connect support!
Hello everyone! We are glad to announce the release of ADSelfService Plus build 6111 with the following features: Highlights MFA for OWA/Exchange Server: Strongly secure your Exchange environment with a dedicated multi-factor authentication (MFA) setup
Reset Admin Login Requirements
Hello there, I'm currently trying to repair a very broken, old, and undocumented test environment for ADSelfService Plus. When trying to access the admin logon (via /adminLogin.cc), we get the following, even locally on the server it's installed on..
ADSelfService Plus 6110 released with an important security fix
Hey there! We are proud to announce that the latest build of ADSelfService Plus 6110, fixes an important vulnerability reported by HaYiCle from E-CQ through our bug bounty program. Security Issue Fix : Fixed the account takeover issue by enforcing SAML
URL for direct searching
Hi I am looking for the syntax to use in the URL to search for a specific user, something like: https://adselfservice/EmployeeSearch.cc?search="Bob" Can you help? Thanks
ADSSP Audio Captcha
Hi, Is there a way to change the langage of the audio captcha ? Even if the browser default langage is French, the audio captcha is in english. Thanks Regards. Anthony
ADSelfService Plus 6109 Hotfix Release
Hello everyone, We are glad to announce the release of build 6109 with the following issue fixes: Issue Fixes : The VPN Group Name field is no longer mandatory while configuring Cisco AnyConnect for updating cached credentials over VPN. The issue that
VPN and 2FA
Hi, I am trying to configure ADSS vpn to enable password sync. We currently are using the Sophos Authenticator with our user VPN and want to use the same VPN for the password sync. Sophos uses OpenVPN and I can configure it to talk to our server, but
ADSelfService Plus now supports Passwordless Login!
Hello everyone, We are glad to announce the release of ADSelfService Plus build 6108 with the following features, enhancements, and issue fixes: Features Passwordless Login: ADSelfService Plus and other SSO-enabled applications can now be accessed using
ADSelfService Plus
ADSelfService Plus Is it possible to reset the password without entering the domain for users outside the organization? Is it possible to reset the password the first time after creating the account based on SMS?
ADSSP cannot identify if user account is moved from one OU to another
ADSSP provides a good feature of Restricting user accounts that are in specific OUs. The schedule scan works fine. But there are situations, an account that was placed in the Restricted OU is moved to another OU which isn't set as restricted in ADSSP.
No language selection option in Change Password & Enrollment process web-page
Hi ManageEngine In the ADSSP web-portal, there is no language option offered for a user to select from during the Change Password & Enrollment page. This is has been noticed and reported earlier through some Support case with ManageEngine technicians.
ADSSP sends Email notification even to excluded OU & its sub-OUs
Hi ADSelfService Plus Team, Enrollment Notification email is setup & configured to be sent to specific OUs in every domain. The OU and sub-OUs which should not be receiving the Enrollment notifications have been excluded in the ADSSP Portal. However,
Password Requirements on Change/Reset Password Pages
Hello - We're in the process of updating the password requirements for the domain we have ADSSP sync'd to (8 to 12 char minimum, 90 day change cycle, etc.). As it sits, the existing page doesn't even match our current policy. We were under the impression
Next Page