How to change the email/sms template for OTP verify
Hi all, I am trying to find the configure to change the content of email/sms with OTP code. Now every time I add new email/mobile number and click verify, the email with OTP will be like this: "We received an enrollment request to use this email address
Clients installed via GPO don't show as installed in ADSSP
Hello, I have a logon script that checks if the ADSelfService Client is installed; if not, it runs the .msi silently via command line. This works just fine, and after logging in the client is successfully installed. However, when I navigate to GINA/Mac Installation -> Installed Machines, no new computers are shown. As far as I can determine, if the client is installed any way other than manually or via the ADSSP "New Installation" tab, the machine doesn't show as having a working client. Despite
Error message when installing ADSelfService Plus Service Pack
I'm updating ADSelfService Plus with service pack ManageEngine_ADSelfService_Plus_6_1_0_SP-1_6_0 and received error message during pre-validation: "Can't create/write to file "file path" #sql_1f18_0.MYi (Errcode: 2) I need to install this update due
How to have the support service escalation?
Hi all, Could you please to share me the contact for support escalation? I have a critical issue and pending 2 months without solution or feedback from supported. Thanks.
Changing password by ADSelfservice, then how to sync to laptop without local connection
Hi everyone, I am using ADSelfservice Plus for the user to change and reset the password (Web, Mobile App as GINA as well). Normally, user can use ADSelfservice to change the password if they are not in office, and the password will sync from AD to their
ADSelfService Plus' latest build 6117 now supports Azure AD MFA
We are excited to announce the release of ADSelfService Plus' new build, 6117, with the following updates. Highlight : Azure AD MFA support: Azure AD MFA can now be used for identity verification during self-service reset/unlock; self-service portal login;
ADSelfService Plus' latest build 6116 released with some security fixes
Important announcement: ADSelfService Plus 6116 has been released with the following issues fixed. Security Issue Fixes : All the API endpoints have now been strengthened to be more secure. A security vulnerability which allowed performing unauthenticated
AD Manager Plus
We are in the process to evaluate AD Self Service Plus. Our setup works fine for Windows machines however for MAC machines endpoint MFA, after entering username and password, MFA pop up comes as blank. While the reset and unlock screen works as expected
MFA for VPN doesn't accept Google Authenticator OTP
Dear Community, as I don't get an answer via Ticket, hopefully you could help me. I configured and installed everything accordingly to https://www.manageengine.com/products/self-service-password/help/admin-guide/Configuration/Self-Service/mfa-for-vpn-logins.html
Mobile App not working since Build 6114
Hello Everyone, Since updating to Build 6114 the mobile App stopped working on our End. After typing in the Server Configuration, the Connection can be established. unfortunately, we get an "unexpected error" when trying to reset the password while the
Skip MFA when ADSelfService is down does not work for OWA login MFA
We had to shut down our internal AdSelfService server for maintenance and this is what our users were greeted with when they tried to log into Exchange. No one could bypass the MFA error page despite us having the bypass checkbox selected.
How to mass-enable Endpoint MFA on client PCs
Hello, we are trying to roll out Endpoint MFA to all of our Windows computers. I've configured the policy settings we need but am looking for a way to mass-enable Endpoint MFA in the installed agents. From official documentation I am reading that for
Use ADSelfService Plus GINA agent without VPN to change cached credentials
Is it possible to configure a GINA agent so that it changes a cached credential but doesn't require VPN connectivity?
New Login screen --> traductions not working
In the new login screen in 6114 i can see "enter your password ..." switching to french language, this message is not translated I ve also modified the properties file to translate by myself, but it's not working Thanks
Mobile App vulnerability
Adding to the vulnerability reported in https://pitstop.manageengine.com/portal/en/community/topic/adssp-mobile-app-does-not-follow-the-mfa-for-reset-unlock The enabled setting: Self-Service > Multi-factor Authentication > MFA for Reset/Unlock > MFA for ADSelfService Plus Login When using Change Password on the Web-browser of a laptop/desktop, this bring a MFA option to go through which is good and needed. However, when performing Change Password from the mobile app, there is No MFA requested..
ADSelfService Plus 6114 Security Fix Release
Important announcement: The latest build of ADSelfService Plus, 6114, has been released, and it fixes the authentication bypass vulnerability [CVE-2021-40539], apart from bringing new features and improvements. Below is a list of all the updates:
FBI, CISA, and CGCYBER strongly urge organizations ensure ADSelfService Plus is not directly accessible from the internet
I am reading the following on https://us-cert.cisa.gov/ncas/alerts/aa21-259a FBI, CISA, and CGCYBER strongly urge organizations ensure ADSelfService Plus is not directly accessible from the internet. But then the solution isn't accesible for the users
Unnecessary change introduced in latest Build 6114
the latest build 6114 is causing users to enter and re-enter CAPTCHA code twice instead of once, which was working fine in the previous build. Also, the first attempt to log in does not even present the option the type in the password. Please see attached
ADSelfService Plus' latest build 6115 released with some security fixes.
Important announcement: ADSelfService Plus 6115 has been released with the following issues fixed. Issue Fixes : When a custom attribute's display name containing \ or " was added to the employee search display column, no results were returned for an
ADSelfService Plus 6112 Hotfix Release
Hello everyone, We are glad to announce the release of build 6112 with the following enhancements and issue fixes: Enhancements : Mac Agent support has now been introduced for macOS Big Sur. Mobile app support to block specific email domains and mobile
ADSelfService Plus 6113 Hotfix Release
Hello everyone, We are glad to announce the release of build 6113 with below issue fixes: Issue Fixes : An issue which restricted users with special characters in their passwords from logging in to the portal via the mobile site has now been fixed. An
Implementing MFA with VMware Horizon View using Radius authentication
I am curious to know if there is a ay to use ADSSP's MFA with VMware Horizon View virtual machines. I know GINA does not work for instant clones, but I was curious if using the RADIUS setup with ADSSP and configuring Horizon View to use RADIUS would work.
Password Sync tool
Sentionalone is quarantined passwordsync tool on domain controller ,firstly it is unsigned exe second its trying to change Registry its being quarantined.
Upgrade failed to _6_0_0_SP-9_9_0
Dear Team, I am using version build 6008, downloaded https://www.manageengine.com/products/self-service-password/5311766/ManageEngine_ADSelfService_Plus_6_0_0_SP-9_9_0.ppm to upgrade. I got the message that the upgrade process was failed and uninstall
ADSSP Client and Duo Logon
We currently use Duo Logon (Windows/Mac/Linux) for 2FA on all end points because it has an "offline" option on Windows and Linux as well as supports RDP and SSH, which ADSSP Client MFA does not support. However, we would like to add the ADSSP Client
Technicians with some admin functions
Hi, Is there any way to give admin functions to technicians without give admin profile? e.g. massive enrollment by csv. And we have 2 domains but if I set a domain user as a technicias, he only see his domain. Is there any way to see both domains with
Granular permissions for technicians
We have multiple technicians who help our customers and if can we add more Granular permissions to technician roles so that instead of giving them "ADMIN" access we can give them limited access to enroll/edit individual users or bulk edit/enroll users
ADSelfservice unavailable until I login as admin on server.
Hello, I have such problem, adselfservice is not working until I login as admin user on windows server only in this case all need services are starting. Is any way to resolve this issue, because my windows server reboots on its own in night hours after
Integration ADSelfService Plus with ServiceDesk Plus [Problem / Error]
ADSelfService Plus 6.1 Build: 6111 ServiceDesk Plus 11.3 Build 11303 Failed to connect to the server. Check server connections and Try again. Error code: [17:59:31:656]|[08-10-2021]|[com.manageengine.adssp.client.admin.ConnectionServlet]|[INFO]|[83]:
Request add more method for support 2FA
1. Mobile Authenticator of ADselfservice or 3rd party 2. Multi-protocol security key such as yubikey by yubico | https://www.yubico.com/products/yubikey-hardware/ 3. FIDO2 for passwordless authnticate https://fidoalliance.org/fido2/ Thank you for build great app and great support.
ADSelfService Plus' latest build (6111) released with MFA for OWA, OAuth and OpenID Connect support!
Hello everyone! We are glad to announce the release of ADSelfService Plus build 6111 with the following features: Highlights MFA for OWA/Exchange Server: Strongly secure your Exchange environment with a dedicated multi-factor authentication (MFA) setup
Reset Admin Login Requirements
Hello there, I'm currently trying to repair a very broken, old, and undocumented test environment for ADSelfService Plus. When trying to access the admin logon (via /adminLogin.cc), we get the following, even locally on the server it's installed on..
ADSelfService Plus 6110 released with an important security fix
Hey there! We are proud to announce that the latest build of ADSelfService Plus 6110, fixes an important vulnerability reported by HaYiCle from E-CQ through our bug bounty program. Security Issue Fix : Fixed the account takeover issue by enforcing SAML
URL for direct searching
Hi I am looking for the syntax to use in the URL to search for a specific user, something like: https://adselfservice/EmployeeSearch.cc?search="Bob" Can you help? Thanks
ADSSP Audio Captcha
Hi, Is there a way to change the langage of the audio captcha ? Even if the browser default langage is French, the audio captcha is in english. Thanks Regards. Anthony
ADSelfService Plus 6109 Hotfix Release
Hello everyone, We are glad to announce the release of build 6109 with the following issue fixes: Issue Fixes : The VPN Group Name field is no longer mandatory while configuring Cisco AnyConnect for updating cached credentials over VPN. The issue that
VPN and 2FA
Hi, I am trying to configure ADSS vpn to enable password sync. We currently are using the Sophos Authenticator with our user VPN and want to use the same VPN for the password sync. Sophos uses OpenVPN and I can configure it to talk to our server, but
ADSelfService Plus now supports Passwordless Login!
Hello everyone, We are glad to announce the release of ADSelfService Plus build 6108 with the following features, enhancements, and issue fixes: Features Passwordless Login: ADSelfService Plus and other SSO-enabled applications can now be accessed using
ADSelfService Plus
ADSelfService Plus Is it possible to reset the password without entering the domain for users outside the organization? Is it possible to reset the password the first time after creating the account based on SMS?
ADSSP cannot identify if user account is moved from one OU to another
ADSSP provides a good feature of Restricting user accounts that are in specific OUs. The schedule scan works fine. But there are situations, an account that was placed in the Restricted OU is moved to another OU which isn't set as restricted in ADSSP.
Next Page