ADSelfService Plus 5.3 Build 5300
Hi, We are glad to announce the release of the latest version of ADSelfService Plus – 5.3 (build 5300). This new version introduces ‘Help Desk Assisted Self-password Reset and Account Unlock’ along with some major enhancements and bug fixes. Features: Help desk assisted self-password reset and account unlock using Active Directory attributes as security questions to verify user identity. Enhancements: Updates Java Runtime Environment package to version 7. Supports TLS 1.2 for heightened security.
Password history enforcement
We have deployed ADSelfservice Plus and are using it successfully. However we just discovered what could be a major issue. It appears the product allows users to re-use passwords, because it doesn't look at the AD password history. I found and checked the box on the Policy Configuration screen, under Reset & Unlock, that says "Enforce Active Directory Password history settings during password reset", but it doesn't seem to work. In testing I can reset a password, then run again to reset to a new
Bad Notification Message When Linking Accounts Fails
Hello ADSelfService, We have a IBM AS400 system and would like to give our users the possibility of reseting/unlocking their AS400 account's with the self-service functionalities. When trying to link accounts, the system throws a bad message if a user enters the wrong credentials: {"TEXT_KEY":"ads.common.error.invalid_credential","SEVERITY":"severe","ERROR_CODE":7,"ERROR_KEY":"INVALID_USER_OR_PASS","DISPLAY_TEXT":"Invalid User Name or Password"} The normal user won't understand what is going on.
setting up SSL via tomcat/adssp
So, I've created a new java keystore using the keytool app, I've imported our companies public and signed certificates to that keystore. I've copied the keystore to the /conf/ folder and renamed it to selfservice.keystore. I've adjusted the server.sml to point to the new keystore and added a few recommended options to get our certs to load: <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" name="SSL" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
Trying to implement SSL for ADSSP
So, I've created a new java keystore using the keytool app, I've imported our companies public and signed certificates to that keystore. I've copied the keystore to the /conf/ folder and renamed it to selfservice.keystore. I've adjusted the server.sml to point to the new keystore and added a few recommended options to get our certs to load: <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" name="SSL" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
Problems Updating Secutiry Que & Ans from IE
Hello ADSelfService, IE is a commonly used browser in our environment, and in the majority of cases, some users are restricted to use other browsers to access the network where our ADSelfService Server is installed, whitch makes IE a very important browser for this tipe of users. We noticed that users aren't being able to update their Security Q&A from IE, but in turn, if an other browser is used (i.e FireFox) they manage to update the Q&A. Is there a way to troubleshoot this? Thanks & Regards,
AD Self Service Plus icon missing
After installing the product on a 2012 server, it ran. I made changes that would allow for SSL. I had to restart the server in order to complete the changes. After I shutdown the AD SelfService Plus server it would not come back on. Then I remembered I had set it to run when windows starts. So I rebooted the entire server. It still will not come up. I looked in the install directory, but there are no exe's to run. Additionally, there is no program called AD SelfService Plus in the start menu.
Password Expiry Notification test email?
I have had the password notifier setup for a few years now without issue, getting ready to update the email verbage and was wonder if there is a way to send myself a test message with the updated verbage from the notifier to see how the format looks in email? thanks in advance! -Kevin
Password Expiry Admin Mail Delivery Notification
Hi Team, We have just implemented your password expiry module and its excellent. However we only seem to ever get the admin mail delivery notification if we actually start the Client portal application. I would have thought the ADSelfService "service" (we installed the service) would perform this task and not rely on a foreground application. Would this then also apply to the notification email going out to end users? Cheers
Enable Hide Self-Service Admin Login
Hello I unknowingly enabled the 'Hide Self-Service Admin Login' without providng exceptions. How do I re-enable it or be able to login as admin ?
Virtual Machines and Thin Clients
Hello, Is the AD SelfService plus available for Virtual Machines? and if so, what about for use on thin clients/PanoLogic with a non-windows logon? For Example: Not all of our end users log in at a windows logon screen. Some have to log into the PanoLogic screen which then authenticates both Pano and Windows logon. Thank You, Marissa Defino
GINA/Mac Installer not usable after product upgrade
I upgraded from build 5206 to 5302 this weekend and now I have lost the ability to use all the tabs in the GINA/Mac Installation section. When I click on them, I get the message "Sorry, the page you requested was not found. Back | Sign Out". See attached for screenshot.
HTML Emails
When I select to send the emails from ADSelfService Plus in HTML the line breaks do not come through propertly. The email is sent as one running line that just wraps in the users email client window. Is there something else that needs to be done in order for the email layout to carry through when HTML is chosen? Thank you!
Enrollment notification email message
I have an issue when trying to change the email enrolment notification. When I try to change %userName% to anything else, it does not work. Eg, if I try to change it to %givenName%, the email will just show Dear %givenName", instead of the user's given name in AD Example: Dear %userName%, We have deployed a password self-service tool to help you reset your Windows domain..................... This works and will show the username in the email (eg, Dear John.Smith) Dear %givenName%, We have deployed
Error To Transfer To SQL Database
Unable to transfer to SQL database , I got below error at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at java.awt.EventQueue$4.run(Unknown Source) at java.awt.EventQueue$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at java.awt.EventQueue.dispatchEvent(Unknown Source) at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown
ADSelfService Plus 5.3 Build 5302
Hi, We are glad to announce the release of the latest build of ADSelfService Plus – 5302. You can now send enrollment and password expiry notifications as push notifications to end-users’ mobiles. This release also includes enhancements to auto enrollment, forced enrollment along with some major bug fixes. Enhancements: Mobile Push Notification support for enrollment and password expiry notifications. Now automatically enroll users by creating a scheduler for importing enrollment data from a CSV
IE8-11 enrollment by google authen not success via web portal when hit enter button
I'm testing enrollment process and found some problem only on IE8-11. When try to enroll by google authenticator. 1. user log in web portal. 2. user scan qr code on web portal 3. user enter 6 digit code 4. user press enter button on keyboard !!!!! instead of click enroll button 5. There is message show successfully enrolled! 6. click on enrollment tab again to check not found red message you have already enroll. 7. check on enrollment report. show -NA- 8. If click on enroll button in web portal and
ADSelfService Plus Fixes and Enhancements
Version 5.3 Build 5301: (21/May/2015) Enhancements: Option to set the keystore password, which will be encrypted for heightened security, directly using the product UI. Issues Fixed: Issue in automatically enrolling users using external data source when ‘Overwrite enrollment data’ option is enabled. Issue in syncing Oracle Database and Office 365 passwords when the password contains special characters. Issue which caused the loss of enrollment data while editing security questions. Issue which launched
Delivery Report for Email notifications is wrong report
Greetings, Our ADSSP is configured to email the delivery report daily to our support SharePoint and to me directly. The email is being sent correctly and to the correct recipients, but, it contains the wrong report file (XLS format). The attached report is the Soon To Expire Password Users Report instead! Huh? Thanks, Steven
Adding a feature to the mobile device App?
I have a significant amount of staff who are looking for a mobile tool to see the organization chart and search employee's while out of the office visiting clients or on the road. Is it possible to have the Organization Chart and also the employee search fields added into the mobile device App? I have had a look but I have not been able to find how to enable this feature
Additional Features in AD Self Service
Good morning, I wanted to inquire and see if someone can answer the following questions: 1. Does AD SelfService Plus offer two factor authentication for the enrollment process? 2. Can notifications/reports/logging work with third party tools such as Splunk? 3. How do I customize/edit some of the pop up messages already built into ADSSP? Such as the force enrollment prompt? 4. Has there been any successes with ADSSP and McAfee EndPoint encryption? Any answers would be greatly appreciated. Thank
Proper way to upgrade ADSelftService
We have a small AD in the lab with about 30 users and wanted to use the free 50 user system. I tried to upgrade from 5.3 to 5.3.1 today and it said I need to uninstall. I then uninstalled and did a reinstall. Upon choosing the same folder it says "Some files exist in the specified directory. Kindly provide a different". Did I lose my config? I did a backup but what gives, how do you upgrade this thing??
Upgrading to build 5301 from build 5106
Greetings, We are planning to upgrade our ADSelfService to the latest released build. Our environment has several computers with the GINA agent installed with our current build (5106). Is there any compatibility issue with our agents on working with the latest build, or any other issue that we should be aware about? Looking forward to explore the new enhancements! Thanks & Regards Mércio
Remove My Info tab in AD Self Service Plus
Does anyone know how to remove the "My Info" tab when a user logs in to AD Self Service Plus? We only want users to be able to enrol and change password from this screen, so do not want to show the My Info tab
Settings not being saved when setting Security Q&A Strengtheners
Hi I am running ADSelfService Plus and have chosen to display 2 Q&A to the end user but they are coming up one by one and any setting I add to the Q&A settings page even after a save revert back to being ticked Display 0 questions out of 2 at random and not keeping my radio button for all security questions. I have tried restarting the service but it is still the same. Thanks
Restrict users on-demand
Hi, I see on the ADSelfService console there's a way to restrict users, but it only lets to restrict disabled, deleted or inactive users. Is there a way to restrict enabled users? For example, we want to restrict the POS users, in case there's a person who wants to try to register it. Regards! Sergio Hernández.
Enrolled users migrated to different domain
Good Afternoon I have around 350 users enrolled for password self-service on one of our domains. These user's have since been migrated to a different domain. Is there anyway to move the enrolled users within ADSelfService Plus? Or do they need to re-enrol on the new domain. Thanks Kevin
Restrict number of mobiles
How to limit the numbers of mobiles to only one which recorded in Ad ?
Problem while restoring db
Hello, I'm working through a project to migrate our 4.5 AD SS server from an XP machine to Windows Server 2012 VM. I have successfully upgraded AD SS v4.5 to v5.3 w/ SP 0.1 (build 5301) on the XP machine, installed 5301 on the new server, and verified that the old XP installation and the new 2012 install are working. While following this article; I have attempted to restore the XP database.zip file to the new server, but receive the error "Problem while restoring db". I have also reached out to
Adding Technician
Whenever I add a new technician as a SuperUser, the user who is being assigned those privileges does not see any of the tabs associated with being a technician. They only see the same tabs as a regular user would see. I have added them both from my login and as the Admin account and the same thing occurs.
Password Sync Agent on Windows 2012
It appears that installing the Password Sync Agent successfully installs as a service on Windows 2008, but fails to install as a service on Windows 2012. Is 2012 a supported version? The only requirements listed in the admin documentation are a non-core installation, and .NET 2.0 be installed. Does not installing as a service mean it will not function on those servers?
Creacion de politica en adselfservice plus
Buenos Dias Me gustaria que me ayudaran en lo siguiente quiero crear de Una Política la cual sea permita Realizar la inscripcion automatica de los Usuarios Que se encuentran en Una Unidad Organizativa en ESPECIFICA del Directorio activo Que Apenas realicen el inicio de sesión En sus equipos El Sistema los obligue a inscribirse
Add Query-based Distribution group to be select in select OUs/Groups for Policy configuration.
Does it possible to use Query-based Distribution group in Policy configuration? Right now it show 2 groups type Security and Distribution.
report can't be run manually?
Hi there, When playing around with Reporting ... I realized that there's an entry that's only available when creating new scheduled reports. When creating new scheduled reports , under Select Reports section > Report Category . there's an extra report available on the Select Reports check boxes: Soon-To-Expire Account Users (circled blue on both screenshot below) That one is not available when viewed on the Reports page so i can't run it manually. Also, during the creation of new scheduled reports,
ADSelfService Plus 5.3 Build 5301
Hi, We are glad to announce the release of the latest build of ADSelfService Plus – 5301. This release introduces an option to encrypt and secure the keystore password and also fixes a lot of issues in the product. Enhancements: Option to set the keystore password, which will be encrypted for heightened security, directly using the product UI. Issues Fixed: Issue in automatically enrolling users using external data source when ‘Overwrite enrollment data’ option is enabled. Issue in syncing Oracle
Custom Password Reset Page
I am trying to customize the verbage on the password reset page. I entered basic HTML code and saved the file but I get everything displayed including my HTML tags. What am I missing? Also I have noticed that the data is displayed differently when the user logs into the application to reset their password versus when they simply click the reset password button and answer the security questions. Why is that?
Customizing the Password Reset Page
I am trying to add custom verbage to the password reset page. I have modified the html document and entered some pretty basic html commands. However, all content is displayed, inlcuding my html tags. What am I missing? Also the format which the text is displayed is different when someone signs in to reset their password versus when someone just clicks the reset password and answers the security questsions. Why is this?
Fine Grained Policies
Is it possible for ADSelf service to reflect fine grained password policies in the requirements listed when users are resetting passwords? Right now the page reflects the default domain policy, since my users are using fine grained policies these requirements are being reflected incorrectly... If not, can I manually modify the page to reflect the proper requirements?
AD SelfService Plus Certificate Help - Microsoft CA
I am having trouble with getting a certificate from my 2012 R2 CA for AD SelfService Plus. The documentation that I have found on the forums does not work. Can someone provide me with a working complete walk through. SelfService Plus is 5.2 5206 Thanks.
[AS400] Restricting the input of some special charecters on password reset/unlock
Hi, I would like to use the password synchronizer but, since the AS400 system runs on a diferent password policy than our AD (inputing some special charecters doesn't work), it would be a problem for us because our AD password policy is naturally more complex. In the act of password reset/unlock, is there a way to workaround this on ADSelfService level, by establishing a password policy in wich I can restrict the input of some special charecters (with a "charecters not alowed" field)? Or in any other
Next Page