Did you know - How to configure Single Sign-On in ADSelfService Plus? (Part 4 - Salesforce)
Salesforce is considered to be a behemoth when it comes to cloud apps which help you boost your sales. Most companies, worldwide, depend on their marquee product Salesforce CRM to manage all their customers, partners, and prospects information from a single console. Wouldn't it be great if your sales team could have a hassle-free login experience to all the business critical apps in Salesforce software suite? The ADSelfService Plus' single sign-on(SSO) feature does exactly that. Upon configuring
Very slow to return response on password resets
Hi all, I am currently in the middle of setting up a POC of this product, we are hoping it will solve our issues with syncing up Azure AD and on prem domain passwords without paying the stupid Azure AD premium costs. So... i've got it set up. O365 linked and full AD domain linked. It works... BUT... It is incredibly slow to return a response when resetting passwords. Performance is totally fine with every other screen, but when attempting to reset a PW, it takes several minutes to eventually respond.
Remove registration request .
Hi, We want to remove the option that request the user to register , when an user tries to reset his password a message is displayed with this message : "You are required to subscribe for Verification Code. Please login (if you remember your password) and subscribe. Contact your admin in case you don't remember your password." How can we remove that the users don't need to register to reset or change the password ? Thanks
Not Able to start manageengine adselfservice windows service
Hi, I am not able to start adselfservice windows service after upgrading to build 5327.
Permission denied
while user registration, self update, password change permission denied message is coming.
Comodo Positive SSL Wildcard Cert
Hello, I am trying to determine the best way to import my wildcard SSL cert into ADSelfService Plus. Comodo sent me a bundle CA file and a domain crt file for my wildcard domain. These are the options ADSelfService Plus gives me on the instruction page for adding the cert to the keystore: For "Comodo" certificates keytool -import -trustcacerts -alias root -file AddTrustExternalCARoot.crt -keystore selfservice.keystore keytool -import -trustcacerts -alias addtrust -file UTNAddTrustServerCA.crt
Remove child domain from
We are decommisioning a child domain and want to remove it from the Domain Settings area as well as the policy for said domain. When I go to remove the child domain, it states its successful but still shows up and is configured.
ADSELFSERVICE is it 2016 compatable yet
Hi, Is ADSelfService compatible with Server 2016 yet? Thank You Simon
GINA install issue
I'm attempting my first Windows GINA install - on my Windows 7 PC. The ADSelfService console shows that it has been installed. I see the "reset password/unlock account" option at the logon screen of a Remote Desktop Connection, but I don't see it at the logon screen form my PC.
Ports for GINA install.
Hello! Can someone please tell me the ports I need to have open on our firewall to "push" install GINA to all of my PC's?
Password change option
Hello, I enable password change option and I have a problem. In IE all works fine, in Chrome after input login and password I see alert "This page is trying to load scripts from unauthenticated sources", in Firefox after input login and password I see alert "Mixed content blocking". In password reset tool I don't receive any error. How I can fix this problem? Regards, Anton
Can't install GINA on any PCs
Hi Please could you help to debug. I can't install GINA Agent on any PCs in Domain. There is no problem with agent installation for SD+ or DeskCentral agent. Our build 5326 Windows Event log error due Installation initialization: The Interactive Services Detection service terminated with the following error: Incorrect function. Event ID: 7023 Status: Couldn't copy the MSI file "ADSelfServicePlusClientSoftware.msi" to the client machine Best regards Dmitry
Remote password changes - Can't get to work more the 50/50
Our company has about 400 remote users not on our domain with approximately 100 users at the corporate office and connected to the domain. We are cloud based for just about everything hence our interest in Manage Engine and password changes. Unfortunately we were led to believe we would not need a VPN connection to change ones password and the system (Manage Engine) would update the cache including passwords on local devices. We accepted the VPN process using Cisco AnyConnect and have found it
Apache Struts has been flagged as being vulnerable
Hello, the version of Struts used by the AD Self Service Portal is Struts version 1.1. Our IT security has flagged this as a serious security issue. Will Struts be updated to the latest version in the next build ? Strusts 1.1 is very old, has exploits, is unsupported and has long since reached its end-of-life. https://beta.nvd.nist.gov/vuln/search/results?adv_search=true&cpe=cpe%3a%2fa%3aapache%3astruts%3a1.1 https://struts.apache.org/struts1eol-announcement.html Thanks John
Did you know - How to configure Single Sign-On in ADSelfService Plus? (Part 3 - Zendesk)
This week let me take you through the steps to configure Single Sign-On for Zendesk. Once SSO is configured, users can access their Zendesk accounts with just their Active Directory or Microsoft Windows credentials. ADSelfService Plus also allows you to access Zendesk accounts with just a single click, from its web console. Single Sign-On for Zendesk: Step 1: Configuring ADSelfService Plus Login to ADSelfService Plus web console with the administrator credentials. Navigate to Configuration -->
Software not accessible after reboot
Hi I have installed the software and it is working fine. However, once I reboot my workstation the ADSM Server does not automatically restart by itself? I have to run the 'startADSSP' batch file and this then starts all the services and I am able to access the URL again: http://localhost:8888/authorization.do Surely this is not right? Please can someone point me in the right direction and let me know what is going wrong? Many thanks
Logging into ADSelfService Plus after workstation reboot
Hi I have installed this software and all works fine. However once I reboot my workstation and then attempt to login to: http://localhost:8888/authorization.do I just get a "Page can't be displayed" error. The only way to fix it is to reinstall the software and then it will start working again... Any advice please? Thanks
Autoenroll users based on User Principal Name (UPN)
From what I can understand, it is not possible to auto enroll users based on User Principal Name (UPN - e.g firstname.last@domain.com) and they can only be enrolled based on sAMAccountName. Can this be modified so that we can also enroll based on UPN?
SMS Enrollment
How do I enforce users enter their phone numbers with a leading '1' (trunk prefix) when enrolling? It will accept their phone number without it, then when they attempt to unlock an account the SMS will error out due to the missing '1'. The only option I see is to set the format to XXX-XXX-XXXX - which does the opposite, and does not allow them to enter the 1 at all. Or is there a way to have the SMS gateway just add the 1 if not present to all? Thank you!
Cannot send mail
I am running ADSelfService Plus on a Windows 7 machine. I have an SMTP server in house and I can telnet to port 25 on that server (Windows 2012) from the Windows 7 command line, however, I cannot send mail from the application. I have other applications on that system that are able to send mail. It tells me that is cannot connect to port 25 on that server. Any ideas?
Auto-Expire Registered Users Accounts
We seem to have issues where users go long periods of time after their initial registration, where when they have to use the self-serve unlock they've forgotten the answers to their questions. Would it be possible to add the ability to automatically expire a users registration within the self-server tool after a configurable amount of time, so they'd have to re-register and thus update their choose questions and answers?
Update email address to get verification code
Hi Team, Let me know if there is a way to bulk update email address for users to get verification code as multi-factor authentication. Thanks, Rakesh
Slowloris Resource Depletion and Denial of Service
I have placed a support call previously on this issue and was advised it would be fixed in the next release. That was a few releases back and this vulnerability keeps appearing on our external vulnerability scans. Are there any changes that can be made to fix this issue without waiting for a patch in one of the releases? ADSelfService Plus is running on port 443, but it does allow the redirect if a user hits it on port 80. I am guessing that is why the vulnerability is showing below on port 80.
GINA - Password Policy Enforcement only
Hello, Is it possible to hide the Reset Password / Unlock Account Button in GINA? I really like the Password Policy enforcement for when users are changing their passwords, but I am not ready to force everyone to enroll yet. If possible I would like to install the GINA client on all workstations so that users can see the password requirements. Then, once I am ready to have people enroll in the system, I can unhide the Reset Password / Unlock Account button. Thanks, Michael
Captcha field not work for Internal users
Recently we had upgrade our selfservice porta from Version 5301 to Version 5.3 SP2 5320. Now, our most of internal users report us that, they occured issue while reseting or login in self services. Continuosly they occured wrong Captcha while reseting password. & this is not for single user. We are unable to caught our productivity due to this, as users continuuosly complaint about this. we publish 'Get Started' notes to users. But it also not work. Is there any way to remove captcha section from
Enabling a Restricted User Automatically
We can currently restrict users automatically on a schedule using certain criteria (disabled, OU, etc). Could we also have the ability to automatically enable restricted users based on criteria? I restrict students that aren't current students to keep our license count down to an affordable level. However, students commonly skip terms and come back, and then need to be enabled to do password management again. Right now I don't see a way to automate this process. Criteria I would like to see
HTTP/HTTPS
Hello, I have a problem. ADSSP work behind Barracuda Load Balancer. Barracuda configured as HTTPS redirect from 80 to 8888. When i click "Cancel" in ADSSP I go to http://mylink.com. How I can change default ADSSP link to HTTPS://...? Regards, Anton
Quick Enrollment from External Database - "Unable to Fetch. Check your query or permission" when using a SQL View that uses an OPENROWSET
I am attempting to setup ADSelfService Plus to fetch data for enrollment from a MSSQL database. I am connecting to a view I have created in SQL using the following SQL statement in ManageEgine: "Select UserName, Question, Answer from ManageEngineStaffEnrollment;" (ManageEngineStaffEnrollment is the name of view I have created in SQL). This works until I modify the view in SQL to also retrieve and join data from active directory (So I can get the sAMAccountName as I cannot enroll based on UPN). The
ADSelfService Plus 5327 released
Hello Everyone! We are glad to release the latest version of ADSelfService Plus - build 5327. This release comes with three new authentication methods to beef up security for the self-service password reset and account unlock processes, along with other bug fixes. Features: Duo Security, RSA SecurID and RADIUS-based authentication support: Self-service password reset and account unlock processes are now more secure than ever thanks to three new authentication methods for verifying users’ identities.
Did you know - How to configure single sign-on in ADSelfService Plus? (Part 2 - Zoho)
This week let me walk-through through the steps to configure Single Sign-On for Zoho. Upon setting up SSO in ADSelfService Plus for Zoho accounts, customers can use their AD or Windows credentials to access their Zoho cloud accounts. The solution also allows users to access their Zoho accounts from its web console, with just a click. Configuring Single Sign-On for Zoho: Step 1: Configuring ADSelfService Plus Login to ADSelfService Plus web console with the administrator credentials. Navigate
ADSS password change option just refreshes page - does nothing. No errors
ADSS password change option just refreshes page - does nothing. No errors All of sudden (about 2 weeks ago) the ADSS application just stopped changing passwords. (All other components seem to work fine). when you try and change a password the page just refreshes quickly and that's it. No errors, nothing on the screen (and it has not changed the password). INFO: - using the domain admin account as the authentication account. - no windows updates have installed on the server (it's in a DMZ). - only
Modify Gina logo
Hi, There is a way to change the gina logo(when you launch ctr + alt + supr) "Manageengine ADSS" to one especif logo? Regards.
Password Expiry Notification
Hey Guys, So I installed and configured the Free password expiry tool. I checked all the server settings with out network engineer and test the email connection in the server settings section. The test email sends fine, but when I run the task to email users with soon-to-expire passwords, they aren't receiving the emails. I have it set to only detect users in the OU associated with all users accounts, rather than the entire AD because I don't want managed and admin accounts to be included in the
GINA\Mac VPN Client configuration different on PC and Mac
Have a question about GINA\Mac client configuration: ** Enter the location where the VPN client is installed on the users' machines. ** We'd like to use the GINA\Mac client on both PCs and Macs in our environment in order to updated cached credentials via Cisco AnyConnect. The path of the VPN client application will obviously be different on our PCs than our Macs. Will the 'VPN Client Location' field accept multiple locations separated by comma? Should we generate and maintain two separate build\configurations
adssp.common.text.message_failed
Dear Team, I got attached error massage when sending test sms. Pls check and give me a solution. Thanx
Where do you install ADSelfService Plus
So this is a super simple question but for some reason I'm not understanding how ADSelfService is installed Do you install the Software on your domain controller/some other server and clients access the web portal? or Do you install the software on every client's machine? Option two doesn't seem right, but I can't find instructions explicitly saying to install the software on a server. Thanks.
Restricted Access
Hello, I am getting a restricted access error from students who are enrolled and from those who are not enrolled. I can not figure out why both are giving off the same error.
Domain Users can not change passwords
I can change my password as a domain admin, but normal domain users can not. They get the following error:: Change Password Failed 1. Incorrect Old Password 2. Password chosen failed to meet any or all of the standards stated below: Minimum Password Length: A longer password is required. Password Complexity: Password should be a combination of alphabets & numerals. Minimum Password Age: When set, you cannot change password for specified time. Password History: Reuse of old password(s)
Some users not receiving email reminders
Some users do not receive email reminders, in audit reports I am seeing following: "Illegal semicolon, not in group"
Cannot change font for "Sign in" Box
I have set the font for everything to Arial but I cannot seem to make it work that the "Sign in" Box shows anything than times new roman. Which file do I have to alter to set Arial? With the developer tools of the browser I see that there is: <style> .fntFamily{font-family: times new roman,times,serif;} .fntSize{font-size:12px;} .common-textcolor{color:#e2001a !important;} .common-bgcolor{background:#e2001a !important;} .common-bordercolor{border-color:#e2001a !important;} .adsfntFamily{font-family:
Next Page