Best practices to enhance the protection of ADManager Plus
Modify the permissions of ADManager Plus installation folder
Starting from 7210 release, the Authenticated Users group will be removed access to the installation directory, and only users in the SYSTEM, Administrators, Domain Admins groups, and the user account linked during installation will have default access.
If you are using builds prior to 7210, to remove the Authenticated Users group from ACL you can either manually modify the permission settings or use the SecureDeployment.exe file to automatically modify the settings.
Click here for detailed information about this scenario, and the steps to modify the permissions of ADManager Plus installation folder.
Disabling or restricting the Employee Search option
Based on the specific needs of your organization or for security reasons, you can:
Limit the scope of Employee Search to only specific domains, or OUs.
Specify the details of users or contacts that can be displayed in the search result.
Specify the attributes or details based on which users or contacts can be located.
Disable the Employee Search option completely.
Click here for the steps to customize or disable the Employee Search option.
Change the default admin password
Why should you do this?
We recommend that you change the default admin password, at least before you move to the deployment phase from the evaluation phase, for security reasons. You can change the default password in the My Account section found in the top right corner of the product's web-console.
Click here for steps to change the default admin password.
Additional security for ADManager Plus logins
ADManager Plus supports smart card, two-factor authentication (TFA), CAPTCHA, etc. and also allows you to block users in case of bad passwords, to enhance the security for user logon process and prevent unauthorized users from logging in. Click the links below for steps to configure the various options to secure the logon process for your users.
Security hardening
ADManager Plus offers a series of security and data privacy options to improve your management and reporting experience, secure access to the product, secure data disposal, and more. To learn how to configure the security and privacy settings in ADManager Plus, click here.
New to ADSelfService Plus?
Related Articles
How to update ADManager Plus' built-in PostgreSQL database
Steps to update your ADManager Plus instance's PostgreSQL database Stop ADManager Plus by navigating to Start > ADManager Plus > Stop ADManager Plus. Note: If you have installed ADManager Plus as a Microsoft Windows service, stop the service by ...How to update ADManager Plus' built-in PostgreSQL database
Steps to update your ADManager Plus instance's PostgreSQL database Stop ADManager Plus by navigating to Start > All Programs > ADManager Plus > Stop ADManager Plus. Note: If you have installed ADManager Plus as a Microsoft Windows service, stop the ...How to integrate ADManager Plus with Paylocity and enhance workforce productivity
Overview Paylocity, a cloud-based payroll and human capital management (HCM) software provider, empowers organizations to efficiently handle payroll processing, generate reports on workforce trends and performance, facilitate an employee self-service ...How to integrate ADManager Plus with Calamari
Overview Calamari is a cloud-based human resources solution that helps organizations manage their workforce and achieve compliance with various regulations. The solution provides automated time tracking, compliance management, leave management, ...How to integrate ADManager Plus with ActiveCampaign
Overview ActiveCampaign is a dynamic and comprehensive customer experience automation platform, offering organizations the tools to automate marketing, sales, and customer engagement processes, ensuring tailored interactions and efficient ...