GINA 2FA prompt everytime
We are getting ready to roll out this product. When I install the GINA client on my laptop, it works fine. But it is prompting me for answers to my enrollment questions on every single unlock or login. I don't want it to do that, I want it to just be
ADSelfService Plus and log4j (CVE-2021-44228)
Hi, Is the latest version of ADSelfService is vulnerable to the recent log4j vulnerability? Looking at the library files I can see both log4j 1.2.8 and 1.2.15. I really think that the home page should direct us to a status page regarding this issue. Some
Spring4Shell in ADSelfservice Plus
Searching my \Lib folder today found the following files spring-beans-4.2.0.RC3.jar spring-core-4.2.0.RC3.jar spring-context-4.2.0.RC3.jar I know AD Selfservice plus runs Java 8 not java 9, but all the same, could we get a updated version of this library
Updating Cached Credential Over VPN (Cisco Anyconnect)
Hello, I am unable to get the system to update the cached credential over vpn after password reset. I previously had a support case with manageengine regarding this, which was resolved, but I have since then lost the settings. I believe the resolution
Challenge Questions Confirmation Needed
Can we please get the feature added prompting users to confirm their response questions? As it stands now users can incorrectly type their response questions and then not be able to unlock their account or reset their passwords. We cannot even deploy this app until this happens. This should be very easy to do with a hotfix. Please provide an ETA. Regards, e-
ADSelfService Plus' latest build 6123 released with some security issue fixes
Hello everyone, This is to announce the release of ADSelfService Plus' new build 6123 which fixes the following security vulnerabilities. Issues fixed: A security vulnerability which exposed admin credentials if the ADSelfService Plus server access was
Attackers Gaining Administrative Access to Zoho ManageEngine ADSelfService Plus Instances
FYI anyone with internet facing selfservice should act quick Rapid7 reporting Attackers Gaining Administrative Access to Zoho ManageEngine ADSelfService Plus Instances Rapid7 Managed Detection and Response (MDR) recently observed several incidents in
Changelog for GINA/Mac/Linux Login Tool (5.9 update)?
Is there a changelog for the recent 5.9 update to the GINA/Mac/Linux login tool?
Some users can can use old passwords and some not??
Hello... We have Windows Server 2012 R2, where we have a server named AD-1 and is the primary so to speak and AD-2 is the secondary, meaning only AD-1 can send out the changes. We are using ADself service Plus. Not sure where to look to get the version
Your account is not configured for Multi-Factor Authentication. Please contact your Administrator.
I am trying to enforce MFA enrollment and MFA on our superadmin accounts in ADSelfService Plus. The superadmin accounts are a couple of user accounts synced from Active Directory. These user accounts are in their own OU in AD and do NOT have any other
Locked out of system
We've updated our main AD administrator account which was configured within SelfService for domain configuration. Problem is we are now unable to log in to the system to update the configuration with the new password (get Invalid domain configuration
[Important] ADSelfService Plus 6122 Security Fix Release
Hello everyone, This is to announce the release of ADSelfService Plus' latest build, 6122, with the following issues fix. Issue Fix: In product instances where post-action custom scripts are enabled, a security vulnerability (CVE-2022-28810) which could
How to configure password Sync in three domains multidirectional
Its possible to do a multiway password Sync with 3 domains? I configure password Sync agent in all dcs of the 3 domains, and create 6 Sync policíes A to B, A to C, B to A, B ti C, C to A and C to B. I do this config because a suport technician tell me
DUO MFA call via HTTP (Windows GINA client)
Hello ManageEngine, We are deploying the ManageEngine GINA v5.9 client via HTTPS and it works well however our environment blocks HTTP calls to the outside world. This comes into play during the GINA DUO MFA prompt. From the logon screen, after a user
Mobile App: customizing help page?
Hello everyone, I've been wondering if there is the possibility to customize the help page in the ManageEngine ADSelfServicePlus App, or is it a built-in page? Thanks David
Granular permissions for technicians
We have multiple technicians who help our customers and if can we add more Granular permissions to technician roles so that instead of giving them "ADMIN" access we can give them limited access to enroll/edit individual users or bulk edit/enroll users
Multiple push requests to ADSS App for VPN
I just finished setting up MFA for VPN on our network and we are in pilot mode. Everything seems to be working well, except when users are logging in their mobile phones are getting multiple requests to allow the login. Even after the first request was
Hide synchronization status
Hi, I want to know if there is way not to display the status of the synchronization ? We synchronize multiple directories, but in the Domino directory only 80% of the users have an account, and for the others the popup displays that the user cannot be
Post Action custom script questions
So I'm thinking that these scripts might help me out of a strange situations I'm in. However I can find little documentation on exactly how these scripts work. The example supplied example is: cscript test.vbs %userName% %password% But where is the default location for this script? Can I use absolute paths? I see the tokens %userName% and %password%, but what other tokens are available? Is the return value from the script used? Thanks Bob Where are these script co Run custom script to synchronize
Account unlock/Password reset trying under the identity of the user
Hi, We have recently setup a new policy that uses MFA. Until you try to unlock an account or reset a password, everything works fine. When you try either option, we are getting a native exceptions: adssp.error.native.no_unlock_priviledge::::: For the
Some Authentication Problem when logging in
Hello Everyone, hopefully you could help us resolved our concern below. When users logged in they encounter this issue. Any ideas/troubleshooting procedures will be a great help.
ADSelfService Plus' latest build 6121 released with some security fixes
Hello everyone, ADSelfService Plus' latest build 6121 fixes the following security vulnerabilities. Issues Fixed: A security vulnerability (CVE-2022-24681) which allowed XSS script execution in the reset password, unlock account, and user must change
Change Reset Password Screen to include custom text
We'd like to include a description of what Password Complexity means when people change their password (this screen). Whether it's a hover/alt text or a link for a descript or just inline with the rest of it. This would help avoid some help desk tickets.
iOS push certificate expired?
Hello! Two of our clients have a problem with the MFA-Authorization since a few days. Both are using the app on iOS. On both sites we have build 6119 installed. In the logs I have found the following error: [15:09:09:475]|[02-13-2022]|[ADSLogger]|[INFO]|[105]:
Problem While Sending SMS
Hi when I want to send a test SMS in ADSelfService, the message "SMS sent successfully" will be shown. but No SMS will be sent and in Serverout0.txt log file i can see http url address page as html. Also I have tested SMS service with same parameters
Windows Logon TFA not working
I've carefully followed all the steps in this guide: https://www.manageengine.com/products/self-service-password/help/admin-guide/Configuration/Admin-Tools/GINA/windows-logon-tfa.html I've enabled SSL, setup a certificate and verified connectivity. The server and end computer are on the same domain and I've deployed the agent through the GINA Installation console page. Under the MFA section I've enabled the Endpoint MFA and the MS Authenticator. Logging on to my test box runs as normal; no 2FA.
Feature Request : Backup cleanup task
This product unlike most of the others ME produces does not seem to have a cleanup task for old backups or a setting to set the number of days to keep. I would like to see this added to the product as it helps keep everything clean and automates the cleanup process.
GINA Other User option missing
With the GINA installed on my systems the "Other user" option is missing from the login screen is there a way to get this back?
LDAP Macros - manager ?
Hello, Is there a way to add the manager inside the macros to be used on a mail to warn users on their expiration of password ? Regards, Seb
Expiration Notification - Access URL is not hyperlinking
Hello, We have configured our instance to send Password Expiration Notifications, however, it is not hyperlinking the Access URL in the message. Anyway to resolve this? We have used the macro %acessURL% in the message to populate the url, its just not
Redirect to Enrolment
Hi, This may seem like a simple thing to achieve with forced enrolment but you know users. The only time many use the reset site is when their password has expired or they have locked it. We would direct the users to the URL (again) and they always
Procedure for resetting a User using Authenticator
Here is the procedure I use when there's a mismatch/error when usingt an Authenticator: 1) In the cellphone Authenticator, remove the User's account. 2) Run ADSS Reports / Enrollment Reports / Enrolled Users Report 3) Checkbox the User. A Disenroll/Trashcan
Log4j dependency removal's impact on RSA SecurID-based MFA
In light of the recent discovery of Apache Log4j library's security vulnerability (CVE-2021-44228), ADSelfService Plus released its build 6119 that completely removed dependency on the Log4j library. However, the Log4j library is required if you have
Clickatell text messages not going through consistently
Ever since we have implemented ADSelfService Plus with Clickatell text messages, the text messages from that service has been extremely poor. Sometimes but infrequently it works just fine but most of the time the text messages won't come or arrive so late that our screen times out before you can enter in the code. I have been round and round with support and Clickatell supposedly fixes something and things are better for a little while but shortly after things don't work again. This is very frustrating
Tell us what you think about ManageEngine ADSelfService Plus
We, at ManageEngine ADSelfService Plus, value our customer's views and experiences. Share with us your thoughts on ADSelfService Plus through a quick survey. Your feedback, good or bad, will be the key to improving the product. In this survey, you can
Users reciving duplicate email-id error when trying to enrol
Users the already have their email attributes configured in AD recieve the following when trying to enroll for SSPR functionality. "Duplicate email-id found. Kindly provide a unique one.' Is there anyway of either auto enrolling users that already have
Migrating ADSSP to new Server, different Postgres Versions
I am moving my ADSSP installation from one server to another and the postgres version on the existing server is 9.4.16 and on the new server is 10.15. Instructions say if these differ to contact support. Are there any additional steps when migrating
GINA resets locked screen wallpaper
We have a locked screen wallpaper that is deployed to all computers. When the GINA is installed, locked screen is reset to the Windows 10 default images. Is there anything I can do to prevent this from happening?
Blank Screen on MFA Endpoint login
Hi All We are in the process of evaluating ADSelfService Plus and have run into an issue with enabling MFA on endpoints. These are all Windows units. On Windows Server 2016 and less, the process works fine, With MFA enabled on Server 2019 or above,
Configured Password/Account Expiration Notifications
Hello Support Team, We have tried to implement option "Configured Password/Account Expiration Notifications" in AD Self Service Portal. But, I found it is not working and I'm receiving report mail, which I have set as "Dear Admin, No reports available
Next Page