Secret question changed after update 6303
Hello friends, I have a problem that may also be happening to you. After installing update 6303, we started receiving reports from users saying that one of their secret questions for using MFA was not the one they had originally defined. They indicated
Another key is configured for this DC already.Delete the key from the Product and try again.
I reinstalled the password sync agent on domain controller and now service will not start. below is error. I'm not sure where and what it wants me to delete. The error below is fromt the Service_Exceptions file, after trying to start the service. [4/20/2023
ADSelfService Plus' build 6304 now released with enhancements and issue fixes
Hello everyone, This is to announce the release of ADSelfService Plus' latest build, 6304. Enhancements Email server settings in the product now support Modern Mail Authentication. Cached credential update over VPNs can now be configured using a service
SSL wildcard cert import/install issue
Hi all, I followed this: https://www.manageengine.com/products/self-service-password/kb/installing-pfx-certificates-for-ssl.html and this: https://pitstop.manageengine.com/portal/en/community/topic/imported-wildcard-ssl-certificate-in-adselfservice-http-and-https-ports-unresponsive
ADSSP request workflow with ADMP
Good day, having an issue with my ADSSP and ADMP integration. I have ADSSP configured for workflow when staff request to be added to groups. I have added a group as Requestor in ADMP with the appropriate role. When someone in the group that has not logged
Gina installation error
I've been having a problem for a few days with GINA installation. In log file i have this errors: ErrorMessage :: Couldn't turn off echo to hide password chars..Couldn't connect to \\K517\ADMIN$.The network path was not found.... com.adventnet.sym.adsm.common.server.NativeException
High Availability questions
I've got the HA license and am trying to set it up, but the documentation is, in a word, sparse. I created an external database server, migrated my primary to use it, set up another instance of ADSelfService Plus, got it working, and then set up HA. It
The issue of users continuously using tools to change passwords on the website
Hi Admin, Currently, the tech-savvy users in our company are using tools to exploit our website's Change Password feature to revert to old passwords. We have implemented a restriction disallowing the reuse of the last 10 passwords. However, users have
Language customization Website Admin
Hi Admin I find language customization in ADSelfservices to be essential, but there is one drawback: it does not allow editing or adding certain codes such as <b>, <br>, and <Center> on the website. Previously, IT provided instructions for language customization
Is ADSSplus working with Windows Hello (Pin-code) ?
Hello, im testing ADSSplus for MFA for endpoints (Windows 10). I configured all settings, and its work nice, when user enter a password then he need to finish 2nd FA. But i want to setup PIN-code + mfa from ADSSplus and when user enter pin code he does
ADSelfService Plus now supports hardware TOTP tokens as an authenticator
Hello everyone, We are thrilled to announce the release of ADSelfService Plus' latest build, 6212, with the following updates: Feature: Hardware TOTP token support: Hardware tokens such as Protectimus hardware TOTP token and Deepnet Security hardware
No domain could be discovered but domain already exists
Hello, My ADSelfservice Plus configuration was working well for weeks and since yesterday the access to reset password is denied for users. When I'm clicking on domain settings it says "No domain could be discovered. Please add domains manually" and my domain does not appear anymore. When I'm trying to add it manually the answer is that "Domain already exists" What could I do to resolve this ? Thanks in advance
ADSelfService Plus UI Design
Team, Will there be any build releases that update the UI design of this application in the near future? In comparison to a large number of your other products (ADManager, Service Desk Plus and ADAudit to name a few) the layout and design of Self Service seems to have been neglected quite significantly. Thank you.
SMTP Configuration, all parameters return invalid configuration
Hi I'm evaluating the product, I've already made the various domain settings without encountering any anomalies, the procedure is linear, while I'm having difficulty configuring the sending of emails, extremely as it is the most trivial, every type of
Customize Username Example on Password reset page.
I would like to know if it is possible to change the way the example is shown. when the user resets their password. As shown in the attachment, the example is (First Initial, Last Name). Our company does not use (First Initial, Last Name) user id. Rather we use (First Name. Last Name). Having it as shown in the image would only confuse my users. I am using ADSelfSerivce Plus Product Version 5.8 - Build 5815, on Windows Server 2016
How to dis-enroll disabled user from ADSSP
Hello Team, As per GDPR policies, it is not permissible to delete users from AD upon their exit; they must only be disabled. However, once a user has been disabled from AD, they are not automatically removed from the AD Self-Service portal. Would it be
Azure MFA User Mapping
Hi, in order to use Azure MFA in need to map the users email address as user pattern, this is option is currently not available for the azure ad setup in the username pattern fields Any solution on this? Thanks
CVE-2022-38023 and ADSSP single sign on
Morning Folks, I'm showing event 5840 on my DCs with the account name of the single sign on computer object for AD Self Service Plus. If I apply KB5021130 to my DCs will that break the single sign on piece of ADSSP?
Yubikey with more than 1 domain
We have two AD Domains (lets call them X and Y). We will be migrating all users from domain X to Y. Currently, we have Yubikey setup for MFA for domain X, which we use for VPN validation, after entering username and password (Cisco AnyConnect). ADSS is
ADSelfService agent installation
Hello, I am having a challenge to install ADSelfService msi agent through Group policy, The policy arrives on the computers but fails to install the agent
Forced Enrollment GPO takes two logins to apply
Upon adding the GPO to the domain using the instructions in the link below, the users are not being prompted until their second login. What is the reason for that? https://password.owlautocs.com/help/admin-guide/Configuration/Admin-Tools/Enrollment-
Very small text on MFA logon screen when resolution of TV is set to 4K (3840x2160)
Good afternoon, I had an end user report that they effectively couldn't see the logon screen for MFA very well in one of our conference rooms in which the resolution of the TV is set to 3840x2160 with scaling in Windows set to 300%. When I changed the
An update to the recent threat activity observed by CrowdStrike on CVE-2021-40539
ManageEngine is aware of the recent post by CrowdStrike regarding their observation of threat activity potentially exploiting CVE-2021-40539. CVE-2021-40539 refers to a vulnerability that impacted ManageEngine ADSelfService Plus versions prior to September
ADSelfService Plus' build 6303 now released with issue fixes
Hello everyone, This is to announce the release of ADSelfService Plus' latest build, 6303. Issues fixed An issue in build 6302 which caused a problem in the functioning of configured custom SAML applications has now been fixed. An issue which prevented
This site is not secure - Logon screen only
Hi, I recently installed AD Self Service and it works just fine with HTTP. So, I tried to enable HTTPS and I generate a CSR through AD360 and issued a certificate through my local CA ( ADCS ) and uploaded the certificate, seems to work just fine. whenever
Disable Security Questions
Why is there no option to disable security questions? Other MFA options are sufficient without them, like an authenticator app, etc.
ADSelfService Plus' build 6302 now released with issue fixes
Hey everyone, This is to announce the release of ADSelfService Plus' latest build, 6302. Issue Fixes: A response code mismatch in the error message for API failure has now been fixed. An issue that caused the ADSelfService Plus mobile site to not load
Testing/rescinding authorization
Is there a way we could test from the portal authentication? I.E. I authenticate just fine, my users are reporting problems with authentication, I make a change to fix the issue, but I can not currently test this change. Along the same lines as testing,
ADSSP and ADMP integration
Hi All, I have ADMP and currently evaluating ADSSP. I have integrated the two and I am able to submit and approve basic change requests from ADSSP to ADMP. I would like to limit my users to pre-defined departments (71 departments) and/or titles (261 titles)
ADSSP Quick Enrolment Pop-up, always bringing itself to front
Hi everyone, We're experiencing an issue with the ADSSP Quick Enrolment Pop-up (via Force Enrolment via Logon Script) forcing itself to the front, meaning users are unable to open any other applications (such as Outlook to confirm their emailed OTP) or
the password reset is not activated for your account
Hi Team. Nice to greet you. I am Rafael Aguilar, administrator of the password self-management platform for the company Empresa Nacional del Petroleo (ENAP) located in Chile. I have a problem with a user who cannot change his password because he gets
Netmotion Mobility Client/Absolute Secure Access VPN
Hi, We just purchased AD SelfService Plus for our organization and I'm in the process of setting things up. We use Absolute Secure Access (used to be Netmotion Mobility Client they were recently acquired) for our VPN. Has anyone successfully been able
Feature Request : Backup cleanup task
This product unlike most of the others ME produces does not seem to have a cleanup task for old backups or a setting to set the number of days to keep. I would like to see this added to the product as it helps keep everything clean and automates the cleanup process.
ADSelfService Plus build 6301 offers several enhancements and issue fixes
Hello Everyone, We are glad to announce the release of ADSelfService Plus' latest build, 6301. Enhancements macOS Ventura is now supported by the macOS Login Agent. A user belonging to multiple domains can now use the same YubiKey device for authentication.
Use DUO Security MFA for single policy
We are configuring the product AD Self Service Plus. It appears that if Duo Security is configured as an Authenticator for any policy it becomes a mandatory step in completing enrollment for all policies, even if the specified policy advanced tab chooses
Request add more method for support 2FA
1. Mobile Authenticator of ADselfservice or 3rd party 2. Multi-protocol security key such as yubikey by yubico | https://www.yubico.com/products/yubikey-hardware/ 3. FIDO2 for passwordless authnticate https://fidoalliance.org/fido2/ Thank you for build great app and great support.
Password complexity by number of character types
A password requirement that specifies the number of character types, rather than the number of characters of a type, would be a nice addition. For example, if you specify that there must be 3 different character types, then "Password!" would be allowed
Change the password through ADSelfservice to synchronize the new password to the laptop
When employees are outside the company and cannot access the company network (no VPN service, etc.) But the password expired due to the policy. He can change his password through ADSelfservice (web), but the password cannot be synchronized to his laptop
[Online seminar] Tips and tricks to enhance IT security. Register now.
Hello, We are thrilled to send you this exclusive invite to be a part of Shield 2023: An IAM and Cybersecurity Online seminar on May 30. Our senior technology evangelists will be sharing their thoughts on how you can better manage, monitor, and audit
Endpoint MFA Licensing
When did the Licensing change happen i have 2000-user Professional edition licenses which had an endpoint MFA enabled and active,now suddenly you are asking money for endpoint mfa as an addon.
Next Page