License count discrepancy
I was getting ready to disable stale users to free up licenses when I noticed that there is a huge discrepancy between exported report of licensed users and the license consumption as displayed when I click the License Info dropdown menu. In my case,
ADSelfService Plus 6513 offers key enhancements & more
Hello Everyone, ADSelfService Plus' latest build, 6513, has been released with the following updates: Enhancements Support for Smart Card Authentication using USB devices like YubiKeys and PIV cards has now been extended beyond the ADSelfService Plus
Microsoft Authenticator Account Name
Hi, Is it possible to change the name of the profile added to Microsoft Authenticator when users enroll in ADSS? At the moment when I can the QR code the account is added as "ADSelfServicePlus" then the users username etc. It would be great if it was
SHA256
Hi, In a previous ticket, I had to reinstall my test environment from scratch because it was corrupted during an upgrade. However, during the reinstallation, I lost all database settings as it's from scratch. But we need to configure SHA256 password synchronization
Users cannot open their mailox after I have installed ADsspOWAIISModule
Hello, As part of our testing environment, I installed the ADsspOWAIISModule on an Exchange 2016 server to evaluate the implementation of multi-factor authentication (MFA). Since the installation, users have been unable to access their mailboxes. An error
Automatic Updater for AD Self Service Plus
Is there an automated updater for this software? I need to make sure we are covered as soon as possible for any zero-day exploits out there
High Availability Licensing and Server Support for ManageEngine
ello, I would like to inquire about the High Availability (HA) setup for the following ManageEngine products: Self-Service Portal Specifically, I would like to know: Does setting up High Availability for these products require an additional license, or
The update script ADSelfService Plus
Hi! Is it possible to automatically find a new update and install it? I'd like to automate the process. The Powershell script issues an error during execution, I suspect that the Update Manager cannot take the .ppm update file. Write-Log "Launching the
How can you add other MFA methods to default admin account?
It seems like it forces the admin account to sign up for Q&A MFA only and there's no way to add other methods. I've set up other methods for domain users such as authenticators. Is there a way to do it for the default admin account too?
Get Ready! Shield NxG 2025 IAM & Cybersecurity Seminar Coming to Seattle, San Jose, Dallas, and Orlando!
Hello! ManageEngine is back with its next-gen IAM & Cybersecurity event, Shield NxG 2025 happening in Seattle, San Jose, Dallas, and Orlando! Join our senior technology evangelists as they share insights on securing, managing, and auditing hybrid IT infrastructures.
Get Ready! Shield NxG 2025 IAM & Cybersecurity Seminar Coming to Calgary & Montreal!
Hello! ManageEngine is back with its next-gen IAM & Cybersecurity event, Shield NxG 2025 happening in Calgary and Montreal! Join our senior technology evangelists as they share insights on securing, managing, and auditing hybrid IT infrastructures. 📍
Unlock IAM Expertise at Our Dublin Workshop – Register Today!
Hello! We are excited to invite you to our first-ever ManageEngine Identity and Access Management (IAM) Product Workshop in Ireland! Join us on May 20, 2025, in Dublin. This is a unique opportunity to enhance your IAM expertise, engage with our product
Get Ready! Shield NxG 2025 IAM & Cybersecurity Seminar is Coming to Kolkata, Hyderabad, Bengaluru, and Chennai!
Hello! ManageEngine is back with its next-gen IAM & Cybersecurity event, Shield NxG 2025 happening in Kolkata, Hyderabad, Bengaluru, and Chennai! Join our senior technology evangelists as they share insights on securing, managing, and auditing hybrid
[SEMINAR] Join us for our IAM and Cybersecurity seminar in Beveren on May 6, 2025—register now!
Hello, ManageEngine is back with its iconic IAM & Cybersecurity event, Shield NxG 2025, happening on May 6th at Beveren, Belgium! From recognizing the critical role of IAM and SIEM solutions in this era to leveraging them to empower your organization,
Problem with Web UI MFA Enrollment - Invalid request
Hello! I configure Adselfservice Plus server with SSL + nginxproxymanager to use full domainname with letsencrypt Problems is only with Web UI MFA Enrollment Mobile phone Enrollment - Working! Windows PC client MFA - Working!
Enrollment during GINA logon
Hi, We're trying to use the ADSelfService_Enroll.hta script to force/remind users to enrol in ADSS but are having a lot of problems running it. Typically we're met with the message that the "server unreachable" when the server is in fact reachable, all
Problem with Web UI MFA Enrollment - Invalid request
Hello! I configure Adselfservice Plus server with SSL + nginxproxymanager to use full domainname with letsencrypt Problems is only with Web UI MFA Enrollment Mobile phone Enrollment - Working! Windows PC client MFA - Working!
UpdateManager.bat GUI graphical issue
When I launch UpdateManager.bat the GUI is unreadable as if there was a refresh problem. ADSelfService Plus - v. 6.5 - 64 bit - build 6510 (also previous version)
"reset password"doesnt appear in login screen
Hello, After installing the latest Client Software msi we do not get the line "reset password/unlock account" under the user's password. How can we get it there? When we open the "C:\Program Files (x86)\ZOHO Corp\ADSelfService Plus Client Software\ADSSPDesktop.exe" file it does work and shows us the login page. Registry settings: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ZOHO Corp\ADSelfService Plus Client Software] "PreSharedKey"="" "Version"="4.2.9" "VpnDisconnectCmd"=""
Ports
Hi there, I am sure this has been asked before but an curious as to why all these ports need to be open? Ports Protocols Services Direction 135 TCP RPC Inbound and outbound 389 TCP and UDP LDAP Inbound and outbound 636 TCP LDAP SSL Inbound and outbound 3268 TCP LDAP GC Inbound and outbound 3269 TCP LDAP GC SSL Inbound and outbound 88 TCP and UDP Kerberos Inbound and outbound 53 TCP and UDP DNS Inbound and outbound 445 TCP and UDP SMB Inbound and outbound 25 TCP SMTP Inbound and outbound 464 TCP and
Free edition email confirmation
Hello, I'm looking to use ADSelfService Plus free version for a limited temp project with ~25 users who will need to auth against a temp AD environment. ADSS will be internal-only, not public. Users will not be on AD bound machines, so I just need the
Reset admin password
Guys, Just wondering how to reset the password for the default adselfservice 'admin' account. I think I set this when installing the product but don't remember! Cheers
ADSelfSevice Plus build 6511 fixes an account takeover vulnerability
Hello Everyone, ADSelfService Plus' latest build, 6511, has been released with the following issue fixes: Issue fixes An account takeover vulnerability (CVE-2025-1723) caused by session conflicts has been fixed. Learn more. The push notification certificate
Custom message to users
Right now for users who have not passed onboarding, when trying to authorize, both Cisco Any Connect and Exchange return an error that the username or password is incorrect. Create a custom message if the user fails onboarding and attempts to authorize,
Sound in iPhone Notification
Greetings, Currently there is no sound (alert) when a notification arrives in iPhone devices. Kindly consider implementing this feature. Best regards, Theo
Password reset failed
When resetting the password via email, after entering the verification code and the corresponding answer, it will prompt 'You do not have permission to perform this action'! How to view the log?
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Hi, We get error after applying rapidssl .cer certificate. I have followed this ssl guide https://download.manageengine.com/products/self-service-password/adselfservice-plus-ssl-installation-guide.pdf. Same error with chrome and IE. How to fix this problem?
Multi-Factor Authentication on endpont - Not Working
Hi, I’m in the process of enforcing MFA enrollment and MFA on our servers/endpoints using ADSelfService Plus. After completing the configuration and running some tests, the GINA application is triggered. However, only the Reset Password/Unlock Account
Error code: ERR_SSL_PROTOCOL_ERROR
Hi, I am getting the following error when using Chrome to access my ADSelfService Site. Error code: ERR_SSL_PROTOCOL_ERROR I have already added the sslProtocols="TLSv1" to the connector, but I still get the error. On SSL Labs check, I get the following errors The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B. This server accepts the RC4 cipher, which is weak. Grade capped to B There is no support for secure renegotiation. The server does not support Forward
Adding Domain in SDP
I have an existing SDP free version, my problem is I cannot add a another domain and the error is "Domain with same name already exists. Please provide different value for Domain name."
Broken logo on login and main admin screen
Hi, I have on the first screen broken logo with text AdselfService Plus (screen attached), this logo is also when admin login on main screen upper left cornet, how to remove this logo from here?
How to view or reset the default admin security questions
ADSelfService plus was set up by someone who's left & while they recorded the admin password, they didn't record the answers to the security questions. I can log on as .\admin but then get: Currently on build 6402 but about to update to 6510. Logging
expired SAML certificate MFA: how to regenerate
Good morning, I want to configure saml in mfa. I have the following error message (see attachments) indicating that the saml certificate has expired how can I regenerate it ? I don't see this option and the configuration cannot be done I tried to regenerate
Problem with adselfservice on-premise server migration
Hi, I need to migration Adselfservice to the new server, so I follow this official guide, but have problems: https://www.manageengine.com/products/self-service-password/kb/adself-service-installation-server-migration.html Old server is: -windows 2012
Account "blocked"
We have a user who is unable to reset their password using ADSelfService Plus. When they try, they get the following error message: "Your acount is blocked. You can't perform "Password Reset" / "Account Unlock". Contact your administrator. Their domain account is not locked. I've had this problem in the past and I cannot remember what the solution was. Can someone point me in the right direction? Thanks!
ADSelfService Plus' build 6509 released with an enhancement and bug fixes.
Hello Everyone, This is to announce the release of ADSelfService Plus' latest build, 6509, with the following enhancement and issue fixes: Enhancements The Windows login agent is now compatible with devices running on ARM64 processors. Issue fixes An
UAC and MFA
Hi, We just realised that when we launch an app using elevated credentials the device is contacting our ADSS server. If the server is not reachable (no network connection for example) we're not able to get password the prompt and instead get a message
ADSelfService Plus' build 6510 released! Now supports macOS 15 Sequoia
Hello Everyone, We are glad to announce the release of ADSelfService Plus' latest build, 6510, with the following enhancement and issue fixes: Enhancements macOS 15 Sequoia is now supported by the macOS login agent for MFA and self-service password resets
ADSelfService Plus Fixes and Enhancements [2025]
Release Notes for build 6519 (Oct 1, 2025) Issue fixes A critical security vulnerability (CVE-2025-11250) has been identified and resolved. An issue where enrollment for Duo Authenticator through CSV and external database failed when the Auth API was
MFA for ADSelfService Plus
Users can now choose between two Multi-Factor Authentication (MFA) methods: security questions or Microsoft Authenticator. Is it possible to enable MFA for ADSelfService Plus login only for users who have opted for Microsoft Authenticator?
Next Page