ADSS GINA agent records password in clear text in log file.
Recently I have configured GINA with VPN configuration. While testing I noticed ADSelfServicePlus Client Software has saved my password in clear text in its log file. When I checked with support I got reply that its normal behavior. This is very big security issue and can't be accepcted.
adselfserviceplus owa integration
hi. i'm testing adselfserviceplus and i'm trying to integrate with owa i'm at the start, where i need to replace data inside logon.aspx i'm not a coder, and some of the stuff in the manual is unclear maybe someone has a predefined logon.aspx to send me? i don't want to break anything in the original file by pasting wrong data in the wrong place.
How to fix the unauthenticated product integration vulnerability
Hello Everyone, We wanted to let you know that a security vulnerability was detected in ADSelfService Plus and we have fixed it. This article explains how you can fix this issue. What is the issue? ADSelfService Plus had a vulnerable endpoint which allowed a user to integrate ADSelfService Plus with any other supported ManageEngine product, bypassing authentication. Which version of ADSelfService Plus is affected? All ADSelfService Plus builds below 5817 are affected. What is the severity level of
Hide mobile number selection stage when one mobile number is set
Hi, I need to decrease stage of Password Reset. I wanna to hide mobile number selection stage. What should I do? Thanks for helping
ADSelfService Plus 5815 released with an important security fix
Hello Everyone, We have released a new build of ADSelfService Plus, 5815, which fixes a security vulnerability. Issue Fix: Security fix to ensure ADSelfService Plus is immune to unauthenticated remote code execution (RCE) vulnerability, which was reported by Pieter through our bug bounty program. [ CVE-2020-11518 ] New to ADSelfService Plus? Download the fully functional 30-day free trial now. Regards, ADSelfService Plus Team Toll Free: +1-84-245-1104 Direct: +1-408-916-9890 Email: support@adselfserviceplus.com
ADSelfService Plus 5817 released with an important security fix
Hello Everyone, We have released a new build of ADSelfService Plus, 5817, which fixes a security vulnerability. Issues Fixed : Fixed a vulnerability which allowed a user to enable integration with other supported ManageEngine products bypassing authentication [CVE-2020-24786] , which was reported by Florian Hauser. Issue in using Push Notification authentication for logging into ADSelfService Plus when TFA is enabled. How to update? A service pack for this build will be released soon. Stay tuned.
How to enlarge ADSelfService Plus font size
Hi, How to enlarge ADSelfService Plus font size? The default font size is very small. Version: 5.8.16
SMS verification is not plain text in AD-SSP
Hi, SMS verification is not plain text in AD-SSP 5.8.16 and I see in mobile as below message: <div style="direction: rtl;">Dear user<br></div><div style="direction: rtl;"><br></div><div style="direction: rtl;">verification code:</div><div>87233859<br></div><div><br></div> Please fix it in next release. Thanks for helping
Customize the Password Policy requirements on the Change/Reset Password Page
I would like to know how I can customize the Domian Password Policy Requirements descriptions on the "Change/Reset Password" page. Our password requirements has gotten, more complex. It is confusing to the users if it doesn't say what we have been telling them when they call the help desk. I have see two different examples on how to change this, though only one matches up to what I'm seeing in my software. Example #1... When logging into ADSSP, I goto Admin - Customize - Rebranding. I have the
Use another domain attribute instead of username for reset password
Hi, Sometimes our user forget username. I wanna to set another domain attribute (like Employee ID) instead of username. What should I do? Thanks for helping
Where is SMS log file
I have problem in send SMS. Now I want to see log for send SMS .Where is SMS log file?
Customizing the main login screen?
When users get the first screen to either choose "Reset Password" or "Unlock Account", and that page be customized? It seems very bland.
"Customize User Logon Page" link on the 'Logon Settings' has disappeared after upgrade to 5815
I am unable now to see the "Customize User Logon Page" link on the Admin page. We were running 5708, i upgraded to 5800 then 5815. At this point the Customize User Logon Page disappeared. Is it somewhere else, or did I miss something in the upgrade? How can I recover this, as i need to amend the User logon page. Thanks
"Customize User Logon Page" link on the 'Logon Settings' has disappeared after upgrade to 5815
I am unable now to see the "Customize User Logon Page" link on the Admin page. We were running 5708, i upgraded to 5800 then 5815. At this point the Customize User Logon Page disappeared. Is it somewhere else, or did I miss something in the upgrade? How can I recover this, as i need to amend the User logon page.
ADSelfService Plus 5816 Release !!!
Hello Everyone! We are glad to announce the release of build 5816 with significant new features and enhancements. Features: Improved look and feel with flat UI: The ADSelfService Plus admin portal has been revamped with a sleeker and more streamlined flat user interface. Embed dashboard widgets: The dashboard graphs can be embedded in any web page using the HTML snippet provided. A URL is also provided to access the graph separately. Language customization: Personalize ADSelfService Plus by customizing
How to personalize diffrent language of portal
Hi, I wanna to set Arabic language for all user and customize English language for own user. What should I do? Thanks
Upgrade failed: JRE version should be 7 to proceed
Unable to install upate (Build 5703 to 5708) I always get the error "JRE version should be 7 to proceed. Please start and stop the product once and then try again" How can I complet the update?
Add Custom text in the Login Box
On the main login page I would like to add custom text near the word "Log In" how to do that?
Can I remove "Update Your Profile Efficiently" Options from the login screen?
Hi I have disabled the option for the users to self update but it still appears on the Self Service login screen, can I change the login screen to remove the option? Thanks Rich
[Webinar] Enhance user self-service experience with ADSelfService Plus
Hello, Telecommuting might add to an increase in the number of password-related tickets. How do you solve this? Attend our 'Password management best practices and security tips for remote employees' webinar on 9th April 2020, and learn to resolve the password management challenges. Register for the webinar You will learn about : 1. Password reset for remote employees 2. Password expiration notification for remote users 3. Web-based password changes for Active Directory 4. Tips for better password security
ADSelfService Plus 5810 Release
Hello folks! We are delighted to announce the release of 5809. Issue Fixed : Issue in AltGr key usage in the GINA login agent when ADSelfService Plus' end-user portal is configured in non-english display settings. New to ADSelfService Plus? Download the fully functional 30-day free trial now. Regards, ADSelfService Plus Team Toll Free: +1-84-245-1104 Direct: +1-408-916-9890 Email: support@adselfserviceplus.com
ADSelfService Plus 5814 Release
Hello folks! We are delighted to announce the release of 5814. Issue Fixes: Issue of unnecessary characters in SMS notifications when using the SMTP provider due to improper encoding type. Issue in generating the Enrollment Reports graph in the Dashboard tab. A vulnerability issue in the ADSelfService Plus login agent has been fixed. Issue of password reflection during password reset. Issue of a Cross-site Scripting vulnerability. New to ADSelfService Plus? Download the fully functional 30-day free
ADSSP Client Issues after migrating to Okta SSO
We just recently enabled SSO integration with Okta to try and take advantage of Okta MFA. Everything seems to work fine but the ADSSP Client. When attempting to use the client utility from a locked Windows machine, users are getting the following error: I'm assuming I need to enable external URL access, but can't seem to find a setting for that in any of the docs/articles I've found so far. Like I mentioned before, this works fine if a user goes to the web app and unlocks/resets password, it's just
SMS missing
Hi I have the option to send users the code by email and today we config SMS and in the test works fine. Why when the users go to reset or unlock the account only the email options is show ? Regards
ADSelfService Plus 5813 Release
Hello folks! We are delighted to announce the release of 5813. Issue Fix: A security issue that arises when the 'User must change password at the next logon' option is enabled in Active Directory has been fixed. New to ADSelfService Plus? Download the fully functional 30-day free trial now. Regards, ADSelfService Plus Team Toll Free: +1-84-245-1104 Direct: +1-408-916-9890 Email: support@adselfserviceplus.com
Password complexity
Our current active directory environment allows for either/or of numbers and symbols. When configuring the password complexity in ADSelfServicePlus, I only have the option to add those 2 independently. So for example, I could set my password as Password1 in AD, but ADSelfServicePlus would then require me to set a password of Password1!. Thanks in advance! -Jared
Delete Registered User in AD Self Service
How to delete a registered user in AD Self Service Plus?
SMS Config
I am custom configuration SMS and tested running but my problem starting now sms text comes united example: I am typing "change password". "changepassword" appears on the phone. I write in Turkish but the Turkish characters "ş Ş İ ı ö Ö ğ Ğ ç Ç" appear to be erroneous.
Adselfservice plus send me this error "The account service configured on application was expired"
Adselfservice plus send me this error "The account service configured on application was expired". Review the logs Server_out the key for error is [SYSERR]|[INFO]|[87]: javax.security.auth.login.LoginException: adssp.login.common.error.pwd_expired
ADSelfService Plus 5812 Release
Hello folks! We are delighted to announce the release of 5812. Issue Fix: Issue in enforcing the default minimum password length (i.e, 7) when product technicians change their account passwords. New to ADSelfService Plus? Download the fully functional 30-day free trial now. Regards, ADSelfService Plus Team Toll Free: +1-84-245-1104 Direct: +1-408-916-9890 Email: support@adselfserviceplus.com
ADSelfService Plus Fixes and Enhancements [2020]
Release Notes for build 6100 (Dec 31, 2020) Enhancement: The Tomcat server bundled with the product has been upgraded to version 8.5.57. The ADSelfService Plus database backup archives are now password protected. Issue Fixes: A security issue due to
ADSELFSERVICE and OPENLDAP
MS AD directory is used to because the global company requires us to have. Download and run Adself service test the password sync on the tool is work. i am running samba(linux) and the backed for authentication I use openLDAP so if the password is change using ADSELFSERVICE the user is unable to access the samba share because the password did sync the change to samba on LDAP. So ADSELFservice don't make used the extended modification(OID) operation that does all the sync in openLDAP. They used
Admin login for self service
Hi There, In self service I have removed the option to login to the admin login on the default page. Now occasionally when I go into the admin page it goes to the normal login instead. So http://server:8888 works fine for general users though when going to http://server:8888/AdminLogin.cc it still defaults to the main page most of the time. Any ideas? Or is there a different url to try? Damon
ADSelfService Plus - service starts then stops
Hi- I installed ADSelfService Plus build 5811 on Windows Server 2012 R2 (a domain controller), and configured a policy for password expiration reminder emails. i followed the instructions to configure it to run as a service (using a domain account which has log on as a service right on this DC), then rebooted. It now shows in Windows Services list, but the service cannot start. Error is "The ManageEngine ADSelfService Plus service on Local Computer started and then stopped. Some services stopped
ADSelfService Plus 5811 Release
Hello folks! We are delighted to announce the release of 5811. Feature : Block breached passwords: ADSelfService Plus now supports integration with 'Have I Been Pwned?', which prevents the use of breached passwords during password change or reset by users. New to ADSelfService Plus? Download the fully functional 30-day free trial now. Regards, ADSelfService Plus Team Toll Free: +1-84-245-1104 Direct: +1-408-916-9890 Email: support@adselfserviceplus.com
Error when using password reset without remembering the old one
Hi, After setting up ADSelfService Plus I'm running into the following error: If I log in with a test account and just reset the password there is no issue, but if I try and use the feature to reset a password without knowing the old one, I just get an error saying that the reset has been rejected. I'm pretty sure it was working a couple of days ago, but after adding a license file yesterday it haven't been working. I'm not sure if those two events are correlating?
[Free Online Training] Register now for our free ADSelfService Plus Online training series.
Hello, ManageEngine is back again with another series of online workshops to help you make the best use of our integrated password management and single sign-on solution- ADSelfService Plus. This free live online training will be your guide to eliminate password management troubles while helping you get a better hang of using the solution. The benefits don't just end here. By attending all the sessions in this series you can take up our MECPA certification test for free.
Password Expired
Hello! We are using ADSelf service but our users with password expired can't authenticate on tool. I don't know if we forget apply any configuration, I think that tool would allow users with expired password to authenticate and so they can change the password.
ADSelfService Plus 5809 Release
Hello folks! We are delighted to announce the release of 5809. Enhancement : Option to resend verification codes while authenticating user identities via SMS or email. Issue Fixes : Issue with updating the status of the GINA login agent installation via GPO in ADSelfService Plus. Issue in installing the macOS login agent for users when the domain admin password contains certain special characters such as the '!' and '.'. Issue which caused the open re-direct vulnerability has been fixed [ CVE-2019-18781
Breaking Active Directory passwords with brute-force
With the exponential rise in the number of enterprise applications, users tend to fall into the habit of using weak passwords to secure their accounts. Hackers use this to their advantage by targeting user accounts with sophisticated credential-based attacks like brute force. After all, hackers only need one set of valid credentials to gain access to the organization’s network and cause havoc. Wouldn't it be great if you could protect your business from cyberattacks by ensuring that users create
Next Page