Password complexity by number of character types
A password requirement that specifies the number of character types, rather than the number of characters of a type, would be a nice addition. For example, if you specify that there must be 3 different character types, then "Password!" would be allowed
ADSSP Free limitation
Hi, I use the ADSSP Free version to notify password expiration. It works great for 2 subscriptions, but i made a new one recently link on a group, and no mail are sent. Is there a limitation of number of subscription or on the number of users in the free
Hot to redirect HTTP to HTTPS
Hi, my adselfservice page is working on HTTPS port, and everything is working if I go to https://FQDN but if I go to http://FQDN then page is blank. Is any way to auto-redirect on adselfservice to automatically redirect to HTTPS? thanks
If service stop working what happend?
Hello, I installed ADSelfService Plus to the customer server and starts as service. Some time happned that the web console is down and I´ve looked to the service is not running (is setup for automatic startup). If I start MFA endpoind protection with
ADSelfService Plus 6103 released !!!
Hello Everyone! We are glad to announce the release of build 6103 with significant new features and enhancements. Highlight: Zoho OneAuth's OTP authenticator can be used as an MFA method to verify users' identities during password reset and account unlock
Admin activity logs feature/functionality missing in ADSSP portal
Since multiple Admins can be granted access to the ADSSP portal, it is imperative to have the ability to trace Admins activity for any kind of changes made to or in the ADSSP application. However, this feature/functionality is missing in previous builds
Users unable to change passwords
We have just started evaluating ADSelfService and are running into an issue where test users that have registered are unable to change their password under the Self Service tab. It lists "Domain Password Policy requirements" (which our test domain has NONE) I have also set the password strength level within the ADSelfService app to "Too short" yet still, no matter what password we change it always fails with this error: Change Password Failed The new password you chose failed to meet any or all
ADSSP Mobile App does not follow the MFA for Reset / Unlock
In recent days the mobile app for ADSSP has changed some of the functionality. One security risk which i noted is the MFA for Reset / Unlock entered in the Admin portal. We have our MFA for Reset / Unlock enabled to 3 factor authentication for reset / unlock operations. However, when performing Password Reset and/or Unlock account from the ADSSP mobile app, it doesn't follow the entered setting. It just proceeds after just 1 factor of authentication instead of the entered 3. when performing the
Issue with HA working in Build 6100
And another classic buggy application build from ManageEngine. The latest build 6100 seems to be filled with issues with every configuration being done. Configured HA in ADSSP, however it doesn't seem to work as it should Ticket #4069482 has been opened
WAF Alerts for Excesive use of Special Characters
Hello, Recently we have ADSelfservice Plus tool published in a Azure Gateway and if the enable there the WAF the notice the following rules issues. Detects basic SQL authentication bypass attempts 2/3 o Matched Data: \":10,\"T found within ARGS:NAVIGATION_DETAILS:
Yet another MAJOR BUG in ADSSP
Ticket # 4272254 raised with ManageEngine for this. Even though the settings in the ADSSP Admin portal is set to "Deny users from performing password reset/account unlock when partially enrolled", if a user has not enrolled but attempts to Reset Password
Change database IP in ADSS without configure again
Hi, We use SQL for ADSS in another server, and we are changing the IP in few weeks. Is there any way to change only the SQL server IP and not configure again the database in ADSS which doesn't permit to configure the same database name. Regards,
ManageEngine ADSelfService Plus service not starting
I am receiving the following when trying to start the service. Please advise on how to resolve this issue. Thank you, Dan
'keytool' not recognised
Hi. When I try to use the keytool command to install an SSL sertificate, it is not recognised by the command prompt. I also cant see any 'keytool' in the directory specified in the mannual. Any ideas? Thanks for your help.
ADSSP with Read Only Domain Controller
We have an ADSSP server in our DMZ that is configured to use an RODC in the DMZ for AD access. During testing, this seemed to work perfectly. However, it appears that I did NOT test the unlock account feature... And it does not work. It returns an error
Remcom.exe flagged as malicious
Dear Support Team, our AV solution flagged Remcom.exe from version 6101 as malicious - PUA Application.RemoteAdmin.RLH. A VirusTotal scan shows that this is not an exception: https://www.virustotal.com/gui/file/d7a923357aea4f9d4e65d43d3f800fa4f3b766a825be63d798f5ff35721a462a/detection
MFA On A Shared Workstation
Hello I have a few users that need to access a single workstation all using a single Active Directory windows account over RDP. Is there any way we could use MFA in this workstation? The users would already be enrolled into AD Self Service Plus themselves
ADSelfServicePlus Service Issue
Hello I have used the installer to add the Windows Service. Edited the ADSelfServicePlus "Logon Tab" and added a Active Directory account which has a Domain Admin right added . Following this guide: https://www.manageengine.com/products/self-service-password/kb/installing-adselfservice-with-windows.html
ADSelfService Plus Fixes and Enhancements [2021]
Release Notes for build 6113 (Sep 1, 2021) Issue Fixes : An issue which restricted users with special characters in their passwords from logging in to the portal via the mobile site has now been fixed. An issue that restricted users access to the portal
ADSelfService Plus 6102 released with an important security fix
Hello Everyone, The latest build of ADSelfService Plus, 6102, fixes an important vulnerability reported by Krzysztof Andrusiak (STM Cyber) and Marcin Ogorzelski (STM Cyber) through our bug bounty program. Issue fix: An unauthenticated remote code execution
Forced Enrollment Scheduler keeps turning off.
The Forced Enrollment scheduler keeps turning off. I can go back in and click it to make it green and turn it on again. But at the next time it's scheduled to run, it turns off. New users are not getting the login script added to their profiles and are
Cannot start server, error 503
Hi, I have such error, version 6100: HTTP Status 503 – Service Unavailable Type Status Report Message Servlet [org.apache.jsp.jsp.showLogin_jsp] is currently unavailable Description The server is currently unable to handle the request due to a temporary
Users unable to start forced enrollment
New user here. I've been evaluating ADSP for about a week now for possible recommendation to to my clients, as I'm a self-employed computer consultant that's been in the industry for almost 40 years now. Lab setup. I'm on a Server 2019 domain. ADSP is
Mobile App issue
When performing Reset Password or Unlock Account, if the ADSSP mobile app is kept opened prior to selecting & going ahead with TOTP verification and/or QR code verification, the Mobile Auth does NOT display an alert. This causes confusion to end users which ends up with several unwanted & unnecessary calls to IT team
Secure helpdesk user verification
The helpdesk is a popular target for hackers. The most popular tactic used is social engineering. While social engineering is likely when using security questions, it is much less common if multi-factor authentication is used. A much needed feature in
We keep losing our users enrollment
Every time we update the product the User Enrollment gets reset????? Why, and how to avoid this?
Gina Cliente is storing passwords in plain text?
Hello team, in my company we are using GINA CLIENT 5.1 in windows computer, with the option of refresh the computers password by VPN. When the Gina Client finishe passwords reset process, it automatically store the user's password in (C:\Windows\Temp) plain Text, to then use that password to connect by VPN Is a very high security risk, I am very disappointed. PLS, how can I fixe this issue? Thanks
How to limit the number of mobile numbers in ADSefServicePlus
Hi how can i limit the number of mobile numbers that user can add. some users added multiple mobile numbers.
MFA Recovery code
Hi ManageEngine Team, The MFA Recovery code which is made available to end-users after they have enrolled in ADSSP is a nice feature but needs a slight change, in my opinion. The MFA Recovery code is provided as an optional step for end-users to download
PENDING - 2 months & still UNRESOLVED -- ADSSP Mobile App does not follow the MFA for Reset / Unlock
I had reported this 2 months back now and this is still & definitely a Security risk here. The bug existed in My ADSSP build number 5815 & exist in every version even in 6008 It is over 2 months now and this is still not fixed... Do let me know the escalation process & the SLA for bugs resolutions We have our MFA for Reset / Unlock enabled to 3 factor authentication for reset / unlock operations. However, when performing Password Reset and/or Unlock account from the ADSSP mobile app, it doesn't
ADSSP Mobile app issue with verification methods
When Resetting password and/or unlocking account from the ADSSP mobile app, users get only 2 modes/option to verify themselves.. 1. Verify using Security questions 2. Push notification verification. User has enrolled with Email, SMS, TOTP, QR code , Security & Push notification Why are Email verification, SMS verification, QR code & TOTP not made available when Resetting password or unlcoking account from ADSSP mobile app?
GINA display customization
The GINA screen at the Windows login screen does not give a good look. It should provide & have to ability to display the default Web page you see when a user or Admin accesses the portal via Web browser or a Custom web rather than the dull black screen
ADSSP doesn't load
Hi all, i have installed this software but, when i try to open it, it loading and it doesn't open any kind of browser. in attachment my error.
NGINX Reverse Proxy with basic authentication
Hi We have put ADSelfService Plus behind a reverse proxy (which works fine) and have now enabled htpasswd basic auth. After you enter the basic auth credentials you are presented with the ADSelfService login page. If you enter the credentials here, doesn't
AD LDS
Can this product be used for accounts that are stored in AD LDS?
Random users getting Invalid Code error when trying to register for self service
We have had random users, using both iPhones and Androids, get the Invalid Code when either scanning and manually entering the code from the Self Service page. The time and date have been verified on both the computer and the mobile device. In some instances
What is Password to restore database to another server ?
Hello everyone. I need to migrate a AdSelfService to another server. I make a backup with 'Auto Backup' option, but in restoredb.bat i need to enter a password, but I don't know what the password is. AdSelfService Plus Build: 6100
ADSSP Admin portal missing logs for MFA Backup Codes generated by Admins
The ADSSP portal Build 6100 provides Admins to generated MFA Backup Codes for end-users but does not have any logs recorded which could help trace back to which Admins have generated this code for an end-user account This is very bizarre and not sure
ADSelfService Plus in a mixed IPV4/IPV6 Environment (with solution)
Seems that while the version 6.0 Build 6013 and older versions of the AD SelfService Plus program (ADSP) only works with IPv4, and it flat out will not work at all in a mixed IPv4/IPv6 environment. With many networks n the mixed environment now, the Self
ADSelfService Plus 6100 Release
Hello everyone, We are glad to announce the release of build 6100 with the following features, enhancement and issue fix. Enhancements: The Tomcat server bundled with the product has been upgraded to version 8.5.57. The ADSelfService Plus database backup
Next Page