Compatibility with non-Microsoft ADs - particularly with Zentyal
Hello. I have had a browse around the product info but I cannot clearly make out if it can be used with a samba4-based Active Directory like the one in the Linux Zentyal distro...
"Number of numeric characters to include"
Hi, We have finally narrowed down our password reset issue to this field the Password Policy Enforcer. Whatever value we put in for the number of characters to include, users are unable to reset their passwords successfully unless they use a password with this value plus 1. So if the number of numeric characters required is 1 then you need at least 2, if I set it to 2 then passwords will need 3 numeric characters, and so on, for a successful password change. The thing that made this so hard to work
GINA Install Issue - Process in use
Couldn't copy service to \\xxxxxxx\ADMIN$\System32.The process cannot access the file because it is being used by another process.... The server can access the share manually.
Custom text and links in the layout
Hi all, i would like to add a link to the Self Service Layout where the user can lookup instructions and guidlines to follow for the Directory update. Currently i can only add fields from the AD to the layout. is it somehow possible to add custom text and links as well? Thanks
Security/Patch notification
Hi - what is the process for signing up to receive notifications about vulnerabilities and patches
AD Self Service - Password Expiry Notification
Good Morning, I am just starting to use these Manage Engine tools for the first time so apologies if this is a basic question. I am about to set up Password Expiry Notification via email (on AD Self Service) I have set all the settings as I want. A colleague has informed me that they have tried to get this set up before and it hasn't gone well due to the fact that we use an old email client and the email doesn't display in a very good format once it is sent. I have made a few alterations and also
ADSelfService Plus 5606 released with enhancements and issue fixes!
The latest build of ADSelfService Plus allows access to Password Expiration Notifier free tool by the technicians and supports rebranding of the self-service password reset/account unlock window of the Windows logon agent. This build also fixes important
SSL Cert for AD SelfService Question
Hello All, First, I just want to say that I'm new to SSL, please pardon my stupidity. We're in process of encrypting the connection from the outside to our server. I have a few questions and need help with. 1. Should I be using a self-signed or commercially signed cert? 2. If I need a commercially signed cert, which one should I purchase? https://www.godaddy.com/web-security/ssl-certificate Help would be appreciated!
Airwatch MDM with Configurations
We're trying to deploy the ADSelfservice mobile app to our company phones with the configurations already in place. We received the configuration key value pairs, but for some reason this isn't deploying with our app. Has anyone else ever pushed the app through Airwatch, any tips or tricks to get this done correctly?
ADSelfService Plus (5605) now supports AD-based security questions as an MFA method
The latest build of ADSelfService Plus supports Active Directory-based security questions as an MFA method. Feature: Active Directory-based security questions as an MFA method: You can set up AD-based security questions to authenticate users at the time of self-service password reset and account unlock by comparing their answers with the corresponding AD attributes' value. How to update? Update using service pack. New to ADSelfService Plus? Download the latest version of the free Password Expiration
ADSelfService Plus 5604 hotfix released
We’ve fixed a vulnerability issue in the latest build. Issues fixed: An XSS vulnerability has been fixed. How to update? Update using service pack. New to ADSelfService Plus? Download the latest version of the free Password Expiration Notifier tool Download the fully functional 30-day free trial now. Regards, ADSelfService Plus Team Toll Free: +1-84-245-1104 Direct: +1-408-916-9890 Email: support@adselfserviceplus.com An integrated Active Directory self-service password management and single sign-on
ADSelfService Plus 5603 released with enhancements and an issue fix!
The latest build of ADSelfService Plus brings you the single-logout feature and also adds ADFS to the list of identity providers through which users can access its web console. This build also fixes an important issue in the product. Highlights: SAP NetWeaver password synchronization: Synchronize AD password changes with SAP NetWeaver in real-time. Single Sign-on with Active Directory Federation Services (ADFS): ADSelfService Plus adds ADFS to the list of SAML-based identity providers through
VPN to update cached credentials
Hi, I have reset a password via the GINA tool on the lock screen of a Windows 10 computer that is off the network. The password has reset in A/D however the VPN connection to update the local cached credentials doesn't appear to be working. I notice that I have an extra icon in my lock screen and when I click on it I have a "ADSSPNativeVPN" login and password box appear. Do I manually need to log into the VPN to have the locally cached credentials updated? Would be good if there was a proper user
Script blocked by the browser on the login page
We are experiencing the following issue: When users are logging in, the browser does not load the required script and just hangs there. If the user refreshes the page (F5), they are already logged in and can continue. This has been tested with multiple browsers - screenshots from Chrome and Edge are attached. The ADSS build number is 5600 Has anyone had this before - any ideas? Thanks
large files mdmp extention
Hello, After a support session from one of the ManageEngine employees we've got a large ADManageEngine folder filled with .MDMP files. The folder is about 10GB in size, "8,16GB" files in the \bin\ folder, all files with the following names: hs_err_pid276.mdmp - 246mb hs_err_pid868.mdmp - 260mb hs_err_pid1572.mdmp - 258mb hs_err_pid1708.mdmp - 255mb hs_err_pid3032.mdmp - 252mb What can i do with the files? Can i delete them all?
ADSelfService enrolled and non-enrolled database table column names
Does anyone know the table column name that stores enrolled and non-enrolled users? I are looking to add non-enroll users to an Active Directory group and since ADSelfService doesn't remove users from AD groups, I am working on a script to remove users from the AD group once they are enrolled.
Pre-Configure IOS App
Hi all We use VMWare AirWatch for our MDM and when i deploy the android app, i can preconfigure the webaddress, port and protocol as part of the deployment, but i cannot seem to be able to see this in the IOS version. Does anyone know if it is possible and if so how to do it? Thanks.
Invalid Email-ID
Hi. Trying to run through the Mobile App Deployment wizard and at the second stage "Getting CSR Signed from ManageEngine" I'm asked to enter a From Mail-ID. I enter a valid address but I get an error saying "Invalid Email_ID" Any ideas?
DNS refresh?
Is there a way to refresh/flush the DNS when trying to install the GINA? There are a lot of computers that have incorrect and old DNS/IP details so the server cannot find them.
Adding wildcard SSL cert to ADSelfService Plus
Hi, I have a wildcard certificate for our domain and I have the *.crt files but I'm not sure how to import these into ADSelfService Plus?
SSL certificate issue
Hi, We've recently purchased ADselfservice plus portal, we've gone through of configuring everything so where able to access the portal outside the network however I want to make it more secure, but we are having some issues with installing the SSL Certificate. We already have an wildcard SSL certificate and when I go to download the certificate from 123 Reg, it isn't an download file but text. Do we copy this text into notepad to then convert it to a pfx format file? I have done the above and
Error when changing, resetting or unblocking user "Account blocked."
We are presenting the error attached to the platform in an exporadic but concurrent way, when changing the password, resetting the password and regardless of the type of user authentication "SMS or Googl Authenticator" says that the user is blocked even though the policy is configured option to unlock the user once the key is reset or changed. already validate the user in the active directory and it is not blocked, could it be an error in the application ?.
How Can I config Windows Login TFA
Hello there, I have set up a new policy configuration on ADSSP. I activated the verification code in the Login TFA tab for this policy. I chose only for IT users over OU. I made Password Policy Enforcer settings for this policy. I enabled Windows Logon TFA from the GINA / MAC tab. I restarted the ADSSP service. I reinstalled a test user from GINA / MAC Installataion. but windows logon TFA is not working Please help me?
Running 2 instances of ADSS on the same AD
Hello, I would like to know whether it is possible to have 2 separate instances of AD SelfService Plus on the same AD. We want to use one of those as internal and the other that we already have will be external. Would we need separate licensing for the second one? Thanks Zhivko
[Tips & Tricks] How to enable SAML-based SSO for ADSelfService Plus using OneLogin?
Last week we saw how ADSelfService Plus facilitated SSO for its web console through Okta. This week let’s learn how to set up one click access to ADSelfService Plus’ console through OneLogin. If SSO is enabled, whenever a user attempts to log on to ADSelfService Plus’ web console, OneLogin will authenticate the request and grant access to the ADSelfService Plus portal. When a user is already logged in to OneLogin and tries to access ADSelfService Plus, the user will be granted access automatically.
[Tips & Tricks] How to enable SAML-based SSO for ADSelfService Plus using Okta?
If your organization uses SAML-based identity provider (IdP) applications such as Okta, you can enable one click access (SSO) to ADSelfService Plus' web console. Once SSO is enabled, whenever a user attempts to log on to ADSelfService Plus’ web console, Okta will authenticates the request and grants access to ADSelfService Plus portal. If a user is already logged in to Okta and tries to access ADSelfService Plus, the user will be granted access automatically. Prerequisite If you do not find ADSelfService
[ManageEnginge] Effective AD password management techniques revealed
Hello, Whether you are an administrator or an end user, managing passwords is hard. It doesn't have to be that way anymore! Attend our Effective password management techniques for your Active Directory environment webinar and learn simple techniques that boost up both the productivity and security of your IT environment. ..Book your spot now.. What's in it for you By attending our webinar you will learn how to: Enable password self-service and self-account unlock for end users. Group or OU-specific
[Tips & Tricks] Bulk disenrollment of users in ADSelfService Plus
ADSelfService Plus offers administrators the convenience of performing bulk disenrollment of users. This feature allows them to manage user’s licenses effectively and also not be pushed to the extent of disenrolling users one at a time. Administrators can choose between the following two options to perform bulk disenrollment. Select multiple users from Enrollment Reports. Import users from a CSV file. Method 1: Select multiple users from Enrollment Reports. Log into ADSelfService Plus as an
[Tips & Tricks] Updating cached credentials by configuring custom VPN providers in ADSelfService Plus.
ADSelfService Plus can automatically update the locally cached credentials in remote users’ machines as and when they reset their passwords. To update cached credentials, ADSelfService Plus requires the Windows logon agent, bundled with the product, and a command line VPN client to be installed in the users' machines. It supports these VPN clients: Fortinet, Cisco IPSec, Cisco AnyConnect, Windows Native VPN, SonicWall NetExtender, Checkpoint EndPoint Connect, and SonicWall Global VPN. You can also
error when changing, resetting or unblocking user
We are presenting the error attached to the platform in an exporadic but concurrent way, when changing the password, resetting the password and regardless of the type of user authentication "SMS or Googl Authenticator" says that the user is blocked even though the policy is configured option to unlock the user once the key is reset or changed. already validate the user in the active directory and it is not blocked, could it be an error in the application ?.
error el cambiar contraseña ADSELSERVICE "USUARIO BLOQUEADO."
Agradezco su colaboracion para la verificación del aplicativo adselfservice ya que en ocasiones se está presentando el mensaje que se adjunta a pesar de que el usuario no se encuentra bloqueado. A pesar dese restablece la contraseña con opciones de autenticación ya sea por mensaje como por Authenticator.
Error when changing, resetting or unblocking user "Account blocked."
We are presenting the error attached to the platform in an exporadic but concurrent way, when changing the password, resetting the password and regardless of the type of user authentication "SMS or Googl Authenticator" says that the user is blocked even though the policy is configured option to unlock the user once the key is reset or changed. already validate the user in the active directory and it is not blocked, could it be an error in the application ?.
SSL Certificate Issues on ADSelfService Plus
Hi All, I have installed an SSL certificate on my ADSelfService Plus deployment. The cert seems to bind fine, and works perfectly on the site. However, when I go to configure the mobile app deployment, I see the following error: Name in SSL certificate conflicts with server name in URL The server name is selfservice.mydomain.ie, The CSR was created to that effect and issued by GoDaddy. Any help greatly appreciated. Thanks Chris.
ADSelfService Plus - HIPAA
I hope this is the right place to post but does anyone know where I can find info on weather ADSelfService Plus is HIPAA compliant?
Logs To Syslog Server : Error Destination host unreachable
When trying to direct the log of Ad Self Service Plus to our log server, it gives the following error.of our product to our log server, it gives the following error. What would be the reason? Destination host unreachable
Self-Service plus 5601 - not able to unlock the user account
Hello, I am currently evaluating the latest Self-Service Plus. I was able to install, integrate it to the AD without any problems. Then I started to test the features: a. User Enrollment: test passed b. To change Password: test passed c. Forgot/reset Password: test passed d. Unlock account : Having difficulties. I go through the unlock process from A to Z and I get the final message that the account is successfully unlocked, but when I check in AD the account is not unlocked.
Release notes
Hi, Where can I find the release notes for: ManageEngine_ADSelfService_Plus_5_5_0_SP-9_9_0.ppm and ManageEngine_ADSelfService_Plus_5_6_0_SP-0_1_0.ppm Thanks Zhivko
Issues installing new SSL certificate
Hello, I am running ADSelfService Plus build 5304 on Windows 2008R2 and can't seem to get the SSL certificate installed properly. I used the SSL certification tool to generate a new CSR. I submit the CSR to get an Incommon certificate along with the Incommon Intermediate certificate and add the certificates to the ./jre/bin/SelfService.keystore using the import commands for Verisign certificates. Then I copy the newly created keystore file to the ./conf folder, check the server.xml file and restart
ADSelfService Plus 5602 released with a bunch of enhancements and issue fixes
The latest build of ADSelfService Plus now has an option to specify the length of the verification codes and also provides the ability to install GINA/CP logon agent using DNS hostname. This build also fixes some important security issues in the product.
Best Practice for License Recovery in ADSelfService?
Hello. We are currently in a reactive cycle where we manually remove licenses in bulk for disabled, deleted, and unowned licenses. Is there a proactive or automated process where we can recover a license when a user is deleted or disabled from our directory? After reading the documentation I see that we can perform removals in bulk through license management, which makes the process quick, but we would prefer to be proactive about it. Thanks in advance!
Next Page