How to change the email/sms template for OTP verify
Hi all, I am trying to find the configure to change the content of email/sms with OTP code. Now every time I add new email/mobile number and click verify, the email with OTP will be like this: "We received an enrollment request to use this email address
Clients installed via GPO don't show as installed in ADSSP
Hello, I have a logon script that checks if the ADSelfService Client is installed; if not, it runs the .msi silently via command line. This works just fine, and after logging in the client is successfully installed. However, when I navigate to GINA/Mac Installation -> Installed Machines, no new computers are shown. As far as I can determine, if the client is installed any way other than manually or via the ADSSP "New Installation" tab, the machine doesn't show as having a working client. Despite
Error message when installing ADSelfService Plus Service Pack
I'm updating ADSelfService Plus with service pack ManageEngine_ADSelfService_Plus_6_1_0_SP-1_6_0 and received error message during pre-validation: "Can't create/write to file "file path" #sql_1f18_0.MYi (Errcode: 2) I need to install this update due
How to have the support service escalation?
Hi all, Could you please to share me the contact for support escalation? I have a critical issue and pending 2 months without solution or feedback from supported. Thanks.
Changing password by ADSelfservice, then how to sync to laptop without local connection
Hi everyone, I am using ADSelfservice Plus for the user to change and reset the password (Web, Mobile App as GINA as well). Normally, user can use ADSelfservice to change the password if they are not in office, and the password will sync from AD to their
ADSelfService Plus' latest build 6117 now supports Azure AD MFA
We are excited to announce the release of ADSelfService Plus' new build, 6117, with the following updates. Highlight : Azure AD MFA support: Azure AD MFA can now be used for identity verification during self-service reset/unlock; self-service portal login;
ADSelfService Plus' latest build 6116 released with some security fixes
Important announcement: ADSelfService Plus 6116 has been released with the following issues fixed. Security Issue Fixes : All the API endpoints have now been strengthened to be more secure. A security vulnerability which allowed performing unauthenticated
AD Manager Plus
We are in the process to evaluate AD Self Service Plus. Our setup works fine for Windows machines however for MAC machines endpoint MFA, after entering username and password, MFA pop up comes as blank. While the reset and unlock screen works as expected
MFA for VPN doesn't accept Google Authenticator OTP
Dear Community, as I don't get an answer via Ticket, hopefully you could help me. I configured and installed everything accordingly to https://www.manageengine.com/products/self-service-password/help/admin-guide/Configuration/Self-Service/mfa-for-vpn-logins.html
Mobile App not working since Build 6114
Hello Everyone, Since updating to Build 6114 the mobile App stopped working on our End. After typing in the Server Configuration, the Connection can be established. unfortunately, we get an "unexpected error" when trying to reset the password while the
Skip MFA when ADSelfService is down does not work for OWA login MFA
We had to shut down our internal AdSelfService server for maintenance and this is what our users were greeted with when they tried to log into Exchange. No one could bypass the MFA error page despite us having the bypass checkbox selected.
How to mass-enable Endpoint MFA on client PCs
Hello, we are trying to roll out Endpoint MFA to all of our Windows computers. I've configured the policy settings we need but am looking for a way to mass-enable Endpoint MFA in the installed agents. From official documentation I am reading that for
Use ADSelfService Plus GINA agent without VPN to change cached credentials
Is it possible to configure a GINA agent so that it changes a cached credential but doesn't require VPN connectivity?
New Login screen --> traductions not working
In the new login screen in 6114 i can see "enter your password ..." switching to french language, this message is not translated I ve also modified the properties file to translate by myself, but it's not working Thanks
Mobile App vulnerability
Adding to the vulnerability reported in https://pitstop.manageengine.com/portal/en/community/topic/adssp-mobile-app-does-not-follow-the-mfa-for-reset-unlock The enabled setting: Self-Service > Multi-factor Authentication > MFA for Reset/Unlock > MFA for ADSelfService Plus Login When using Change Password on the Web-browser of a laptop/desktop, this bring a MFA option to go through which is good and needed. However, when performing Change Password from the mobile app, there is No MFA requested..
ADSelfService Plus 6114 Security Fix Release
Important announcement: The latest build of ADSelfService Plus, 6114, has been released, and it fixes the authentication bypass vulnerability [CVE-2021-40539], apart from bringing new features and improvements. Below is a list of all the updates:
FBI, CISA, and CGCYBER strongly urge organizations ensure ADSelfService Plus is not directly accessible from the internet
I am reading the following on https://us-cert.cisa.gov/ncas/alerts/aa21-259a FBI, CISA, and CGCYBER strongly urge organizations ensure ADSelfService Plus is not directly accessible from the internet. But then the solution isn't accesible for the users
Unnecessary change introduced in latest Build 6114
the latest build 6114 is causing users to enter and re-enter CAPTCHA code twice instead of once, which was working fine in the previous build. Also, the first attempt to log in does not even present the option the type in the password. Please see attached
ADSelfService Plus' latest build 6115 released with some security fixes.
Important announcement: ADSelfService Plus 6115 has been released with the following issues fixed. Issue Fixes : When a custom attribute's display name containing \ or " was added to the employee search display column, no results were returned for an
ADSelfService Plus 6112 Hotfix Release
Hello everyone, We are glad to announce the release of build 6112 with the following enhancements and issue fixes: Enhancements : Mac Agent support has now been introduced for macOS Big Sur. Mobile app support to block specific email domains and mobile
ADSelfService Plus 6113 Hotfix Release
Hello everyone, We are glad to announce the release of build 6113 with below issue fixes: Issue Fixes : An issue which restricted users with special characters in their passwords from logging in to the portal via the mobile site has now been fixed. An
Implementing MFA with VMware Horizon View using Radius authentication
I am curious to know if there is a ay to use ADSSP's MFA with VMware Horizon View virtual machines. I know GINA does not work for instant clones, but I was curious if using the RADIUS setup with ADSSP and configuring Horizon View to use RADIUS would work.
Password Sync tool
Sentionalone is quarantined passwordsync tool on domain controller ,firstly it is unsigned exe second its trying to change Registry its being quarantined.
Upgrade failed to _6_0_0_SP-9_9_0
Dear Team, I am using version build 6008, downloaded https://www.manageengine.com/products/self-service-password/5311766/ManageEngine_ADSelfService_Plus_6_0_0_SP-9_9_0.ppm to upgrade. I got the message that the upgrade process was failed and uninstall
ADSSP Client and Duo Logon
We currently use Duo Logon (Windows/Mac/Linux) for 2FA on all end points because it has an "offline" option on Windows and Linux as well as supports RDP and SSH, which ADSSP Client MFA does not support. However, we would like to add the ADSSP Client
Technicians with some admin functions
Hi, Is there any way to give admin functions to technicians without give admin profile? e.g. massive enrollment by csv. And we have 2 domains but if I set a domain user as a technicias, he only see his domain. Is there any way to see both domains with
ADSelfservice unavailable until I login as admin on server.
Hello, I have such problem, adselfservice is not working until I login as admin user on windows server only in this case all need services are starting. Is any way to resolve this issue, because my windows server reboots on its own in night hours after
ADSelfService Plus' latest build (6111) released with MFA for OWA, OAuth and OpenID Connect support!
Hello everyone! We are glad to announce the release of ADSelfService Plus build 6111 with the following features: Highlights MFA for OWA/Exchange Server: Strongly secure your Exchange environment with a dedicated multi-factor authentication (MFA) setup
ADSelfService Plus 6110 released with an important security fix
Hey there! We are proud to announce that the latest build of ADSelfService Plus 6110, fixes an important vulnerability reported by HaYiCle from E-CQ through our bug bounty program. Security Issue Fix : Fixed the account takeover issue by enforcing SAML
URL for direct searching
Hi I am looking for the syntax to use in the URL to search for a specific user, something like: https://adselfservice/EmployeeSearch.cc?search="Bob" Can you help? Thanks
ADSelfService Plus 6109 Hotfix Release
Hello everyone, We are glad to announce the release of build 6109 with the following issue fixes: Issue Fixes : The VPN Group Name field is no longer mandatory while configuring Cisco AnyConnect for updating cached credentials over VPN. The issue that
ADSelfService Plus now supports Passwordless Login!
Hello everyone, We are glad to announce the release of ADSelfService Plus build 6108 with the following features, enhancements, and issue fixes: Features Passwordless Login: ADSelfService Plus and other SSO-enabled applications can now be accessed using
ADSelfService Plus
ADSelfService Plus Is it possible to reset the password without entering the domain for users outside the organization? Is it possible to reset the password the first time after creating the account based on SMS?
ADSSP cannot identify if user account is moved from one OU to another
ADSSP provides a good feature of Restricting user accounts that are in specific OUs. The schedule scan works fine. But there are situations, an account that was placed in the Restricted OU is moved to another OU which isn't set as restricted in ADSSP.
No language selection option in Change Password & Enrollment process web-page
Hi ManageEngine In the ADSSP web-portal, there is no language option offered for a user to select from during the Change Password & Enrollment page. This is has been noticed and reported earlier through some Support case with ManageEngine technicians.
ADSSP sends Email notification even to excluded OU & its sub-OUs
Hi ADSelfService Plus Team, Enrollment Notification email is setup & configured to be sent to specific OUs in every domain. The OU and sub-OUs which should not be receiving the Enrollment notifications have been excluded in the ADSSP Portal. However,
Password Requirements on Change/Reset Password Pages
Hello - We're in the process of updating the password requirements for the domain we have ADSSP sync'd to (8 to 12 char minimum, 90 day change cycle, etc.). As it sits, the existing page doesn't even match our current policy. We were under the impression
AD Self Service Plus MFA UAC elevation
Could a feature be added the enables a MFA prompt when UAC elevation is triggered? Here is an example of what DUO MFA does: https://help.duo.com/s/article/5806?language=en_US Thank you, Evan Tisher
ADSelfService Plus 6107 released !!!
Hello everyone! We are elated to announce the release of build 6107 with significant new enhancements. Enhancements: The jQuery library used in the product has been updated from version 1.11.3 to 3.5.1. The Bootstrap framework used in the product has
Auto User Creation - API
Hello there! ADSS is able to auto create users (quick enrollment) with some options, but they are not really quick. So I've request for a feature to allow using some API/script to enroll users. In our environment, we use a script to create the user in
Next Page