GINA Customisation not working
We are about to purchase the licenses for AD Self Service Plus but I wanted to demonstrate the password reset function to the team before buying. I have made a small change to the Gina by unticking the Tile option and then installing the MSI manually on on PC but the tile is still present. Am I only able to do this customisation with the licensed version?
ADSelfService Plus 5707 Released !!!
Hello folks! We are delighted to announce the release of 5707 release. This includes support for OpenVPN, and few other issue fixes. Enhancements : Support for OpenVPN: ADSelfService Plus extends its cached credential update over VPN settings support to OpenVPN as well. Password expiration notifier has an option to not inherit child OUs while sending reminders. Issues fixes : Issue in configuring the password sync agent when ADSelfService Plus' server is connected through a proxy. Issue in migrating
Relocate SQL Database
I need to migrate my self service database to another SQL server. I saw one article saying I need to backup and restore the Master Key as well. I am able to backup but unable to restore the key as it says I need to open the master key first and I would need a password. Is that something thats set at install by the installer? Or is that step even needed or if I can just restore the database and repoint the selfservice password server? I have been unable to find an official guide for moving a sql database
Mobile SMTP settings not working due to formatting in Mobile field
We use formatting in our Mobile number field in AD. Unfortunately, when we configure the SMS settings via SMTP to use mobile number, it doesn't work due to this formatting. Can it be configured to strip formatting (ie all non-numbers) from the mobile number inside the %mobNo% macro? Or add a %mobNoNumsOnly% or something like that?
AD SelfService Plus and Citrix XenApp 7.6 needing it to work via receiver and or storefront
I'm looking for some guidance on what steps i need to take to get ADSelfService Plus to work for my 400 external Citrix users. Has anyone gotten this tool implemented within the Citrix XenApp Farm? Thanks Chris
Locking down the product for use externally
We've been using Self Service Plus for years now and are considering how to open it up for external users (not necessarily ona VPN, public access). Are there any KB articles we can reference? I've had a look through and can't find anything. Our problem is we have external vendor support users who have accounts in our system, but still need to reset passwords every x days. 1) Is opening this application (via a reverse proxy or the like) something that is supported or recommended? 2) Are there any
Missing Restrict Scheduler Rules
Anyone run into issues where newly created Restrict Schedule rule disappear after you create them? I just created a new Restrict Scheduler rule to run every morning restricting disabled/expired AD accounts but after saving the rule it doesn't show up on the Restrict Users Scheduler list.
second email address for users?
We use our ADSelf service product for managing passwords for our Windows server hosted rdweb applications. Our users are issued a windows username, but this is not used for actual email to the users, currently the hosted user domain account does not record the actual email address of the user. Because of this we can't use the email features in ADSelf Service. Is there a work around for this? Does anyone else have a similar setup?
ADSelfService Plus 5705 Released !!!
Hello folks! We are delighted to announce the release of 5705 build. With this build, ADSelfService Plus extends support to Linux machines, rolls out a few enhancements and issue fixes. Highlight: Login agent for Linux: Users can reset passwords and unlock accounts from the login prompt of their Linux machines. Enhancements Synchronize Active Directory password resets and changes across MS SQL and PostgreSQL accounts in real time. Ability to link user accounts for password synchronization using
Operator View all domains
Hi, I am trying to allow access to the admin console for our technicians (operator role) but they can only administer the domain their account exists on? How can I allow the operator role access to all domains akin to the super admin role? We also use ADAudit Plus and this allows to check box the required domains that the operator has access to, but I can't see this option in ADSelf-Service? Any help would be appreciated. Thanks
AD Self Service Plus as an Advertisement Engine
I have a concern with the fact that my local installation of AD Self Service Plus is being used to generate Webinar advertisements for ManageEngine's other solutions, in this case - AD360 the Integrated identity and access management (IAM) solution. I recently received an email from our helpdesk email address to our server admins address generated from ADSSP on our server advertising a webinar. I see this as an inappropriate use of the software and our server resources since I have purchased a license
Captcha Service - Screen Reader
Hi, We have identified an issue in our organisation relating to the Captcha functionality and users who are using screen reader software. The screen reader software being used does not work with the Captcha in its current state, would it be possible to add an audio option to play the captcha to those users and/or move to a service like ReCaptcha by Google: https://www.google.com/recaptcha/intro/v3.html I think they have a Open API to implement.. We wouldn't be keen on moving away from using the Captcha
How to configure TLS1.2
According to the release notes, the latest versions of ADSelfServicePlus support TLSv1.2. How is that configured?
AD SSP password notification bug (still...5 years later)
So we're using AD SSP 64-bit v5703. We having the same issue as reported in password expiry notification email. When we use the password notification, it works fine except when it sends a notification to a user on the day the user password expires. We're using the following HTML code with AD SSP macros: <p>Dear %displayName%,</p> <p>Your password will expire in %noOfDays% days on %dateTime%. You will need to change your password prior to this date/time to ensure uninterrupted access for your account.</p>(etc...etc..)
How to modify UI form Login and Page login
Hi, I want to modify UI form login and Login page. I saw tutorial in this post . But it's not everything that I need. I want modify more. I find file "DomainLogin.html" in "ManageEngine\ADSelfService Plus\webapps\adssp\html" .and get some code : <div id="LoginFrame" name="LoginFrame" objtype="LoginFrame" style="position: absolute; width: 325px; height: 205px; float: left; left: 571px; top: 76px; cursor: pointer;visibility:visible;;" class="whitetable ui-draggable dashedLineMOut"><div id="LoginFrame_txt"
Issue to execute Powershell Script into "Run Custom Script upon successful password reset / change."
Hi, I have a problem to execute Powershell into " Run Custom Script upon successful password reset / change. ". I have been execute VBS script with parameters and It worked correctly but the powershell not work correcty. The powershell Script is: powershell.exe PSWithParameters.ps1 %userName% %password%. PSWithParameters.ps1 is in the path. Thanks and regards, Gerardo Cortés
Self Reset Password not working
When a user tries to reset his password whitout the need of his old one, it does not work. Changing the password with the need of the old one does work.
ADSelfService Plus 5704 Released !!!
Hi, We are delighted to announce the release of 5704 build. With this build, you can enforce a disclaimer to limit the liabilities by specifying the rights of your organization. Feature: Ability to enforce custom user disclaimers: ADSelfService Plus now allows you to display custom disclaimers that users must accept before they can access the self-service portal. Enhancement: Password sync agent now supports TLS version 1.1 and 1.2. How to update? Update using service pack. New to ADSelfService
Password Reminder Notification has sending errors
I send email password expiration warnings every morning. Recently I have been getting error "432 4.3.2 STOREDRV.Storage; mailbox server is too busy; STOREDRV.Submisson.Exception:StorageTransientException.MapiExceptionRpcServerTooBusy; Failed to process message due to a transient exception with message Cannot open mailbox." randomly in my report. Has anyone else ran into this? I am using Office365 to send notification. Thanks,
SQL Server
Currently our databases are SQL SERVER 2012. That is getting old at this point We have the opportunity to migrate it to something current SQL SERVER 2014 or 2016 I was trying to find some info on the the website about supported versions, but I can’t find anything except that it is supported on MS SQL Anyway to find out what SQL SERVER versions are currently supported? Can it support High Availability?
Migrate from mysql to MSSQL and then attach to DB from new server?
I am working on moving ADSelfService to a new server and also a new database. Currently, I am running on a mysql database locally on same server as ADSelfService application. I'd like to run changeDB.bat to migrate the mysql database to my Microsoft SQL cluster. Then, after performing a successful migration, I'd like to build a new ADSelfService server and simply attach to that database up in the SQL cluster. Is this possible? If so, can you please provide commands?
ADSelfService Plus Fixes and Enhancements [2019]
Release Notes for build 5811 (Dec 28, 2019) Feature : Block breached passwords: ADSelfService Plus now supports integration with 'Have I Been Pwned?', which prevents the use of breached passwords during password change or reset by users. Release Notes for build 5810 (Dec 20, 2019) Issue Fixed: Issue in AltGr key usage in the GINA login agent when ADSelfService Plus' end-user portal is configured in non-english display settings. Release Notes for build 5809 (Dec 17, 2019) Enhancement: Option to resend
ADSelfService Plus 5703 Released !!!
Dear All, We are delighted to announce the release of 5703 build. This build rolls out a couple of new features along with some vulnerability fixes. Features: SAML-based single sign-on (SSO) via Line Works: ADSelfService Plus supports SSO via Line Works, which acts both as identity and service provider. Support for multi-factor authentication (MFA) via Line Works: ADSelfService Plus now supports MFA via Line Works, besides One Login and Okta, for user authentication during self-service password
How to setup connection when host ADSelfService outside office?
I have planned to setup ADSelfService Plus outside office by hosting in ISP data center, how to make connection between corporate AD and ADSelfService Plus. Thank you in advance for any suggestion.
Unable to get resources after doing url rewrite using IIS
I have accidentally posted under announcement but was unable to edit it. So any moderator who come across that post can remove it. Below is my current setup One point to know is the web server (aa.bb.cc) resides on a different server from ADSS+ I am able to access the login page normally using ADSS+ server ip My current configuration to access ADSS+ login page is as follows. Url: aa.bb.cc/password Rewrite url: http://<ADSS+ ip address>: 8888/showLogin.cc The login page can be shown but all the resources
Golden Image Install
Good Morning, Are there any steps that need to be taken when installing the ADSelfService GINA Agent to a golden image workstation that will be captured and copied for new workstations. I am primarily concerned with any issues that may be caused if the GINA agent assigns an ID to the machine when it gets installed, which would then be copied to all subsequent copied machines. Thank You, James Leitz
Application has not been installed properly
I am currently trialing AD SelfService Plus, with a view to purchasing for our organization. I have set up on the server and deployed the client software to one machine. The GINA configuration (from the server) has gone through fine, and I get a success message. Our server name is gct-dc01 and port is the default of 8888. On the client machine I can now see the "Reset/Unlock Account" link appearing but when clicking on it a white page appears (as though the client can't connect to the server?).
Introducing Weak Password Reporter Free Tool
The importance of using strong passwords for users’ end-point systems is critical to ensure the very survival of your organization as they could be easy gateways to access your organization’s mission critical data. Using strong passwords more of than not slows down, and even defeats the various attacks on users’ systems. For this very reason, IT administrators all around the globe continue to impress upon users the need for a strong password that contains a healthy mix of upper and lower case letters,
iOS/Android App Logon To Option & Push Notification Pop Up
In our environment we have 3 Domains configured and we have our users enter the Domain and Username in the following format when using AD Self Service Plus Domain\Username. No issue there but, on the iOS App it shows the Logon to option where as in the Android App it does not. Any particular reason why? Is there a way to make it standard for both? (see screenshots below) We would like the Logon To option to be hidden from the mobile app as well, as we have disabled the "Show 'Log on to' option
[Free Webinar] Secure Windows logons with two-factor authentication (2FA)
Social engineering attacks have increased and the advancements in these attacking techniques sure cause a concern about organization’s security. The easiest way to break into a network is by misusing a user’s identity. A strong password can also be compromised and we have to come to terms with password strengthening not being the only answer to protecting user accounts from these attacks. Join our product expert in this session to learn how to boost your organization’s security with an additional
ADSelfService Plus 5702 - Hotfix released !!!
Hi everyone, We're delighted to announce the release of ADSelfService Plus 5702 build. This build fixes several issues which include the following. Fixes: Issue of product crashing when the configured GINA Frame Text exceeded the character limit during translation. Issue which permitted users to close the password reset/account unlock window of the Windows logon agent is fixed. XSS vulnerability in the employee search, and the self-update layout. Issue in translating certain fields in the self-update
No Reports and new Technicians after switching Database?
Hello everyone, After switching the Database from one mysql to another mysql Database, we are no longer able to see auditreports or define new technicians. All we get is a message similiar to "No Reports available" and if we want to add a technician, we get a white Square, but the Users won't get listed. Is there any known way to fix this without reinstalling the tool? Thanks in advance - Dave
Change WebServer Port by Server
Hi Support team, Could you send me the procedure to change the webserver port by the server? I know to change it using the web console, however, the application is unavailable because of the port. Thank you.
ADSelfService Plus 5701 released with enhancements and issue fixes!
Hi everyone, The latest build of ADSelfService Plus rolls-out with enhanced mobile app deployment feature and couple other issue fixes. Enhancements: Trial mode: Test drive this feature by deploying the ADSelfService Plus iOS app for ten users’ mobile devices, with minimal configurations. Automated CSR signing from ManageEngine while configuring APNs. Schedulers to automate iOS app installation status. Fixes: An XML External Entity vulnerability that occurs while uploading product license is fixed.
[RESOLVED] ADSelfService Plus in a subdirectory from reverse proxy (nginx)
I have a website "example.org" and I want to add ADSelfService Plus to this website under "example.org/password". The problem I have is that I cannot make the configuration work. If I make it available from "example.org", everything works as it should. The moment I have it through "/password" I cannot log in or access any css files, only the indez page shows up. I have a rewrite url in IIS on the ADSS+ server so that it is avaible from http://serverip:80 Then I have the reverse proxy on another
Configure ADSelfServicePlus to use SQL server
Good day, For one my customers I'm trying to setup ADSelfServicePlus in a POC environment. The procedure for pointing the installation to SQL server (https://download.manageengine.com/products/self-service-password/configure-adselfservice-plus-with-mssql.pdf) is failing for me. When running changeb.bat I select MS SQL Server in the list box, I get a message I need to install the SQL native client first. But it's already installed. What is going wrong here? See attachment with screenshot. Thank you
Restrict Profile by IP Address
Is there a way in AD Self Service Plus to setup a profile with an IP address filter? We want to allow domain admins to unlock/reset their passwords but only from within the LAN and not from the WAN. So we would have 2 profiles, one that points to the regular users OU that is usable from any IP address and another profile that points to the OU containing admins that is only usable from the LAN ip addresses. Much like you can restrict the Admin login page by ip address/range.
Servicenow Single sign on integration
Hello, I have a problem with setting up of SSO for Servicenow via ADSelfService Plus. I went through the documentation on page https://www.manageengine.com/products/self-service-password/step-by-step-guide-for-servicenow-single-sign-on.html but when I am trying to use external login to ServiceNow using the email address am forwarded to ADSelfService Plus which is showing me error message Sorry ! You are not authorized to view the contents of this file. Back | Sign Out Do you have an idea what can
HTML-formatting
Greetings, I've built a HTML-formatted email that i've pasted into the admin console, but when I send it, it just sends as plain text. I've tested the emailtemplate in a browser and there it looks correct, and formats correctly. In earlier builds of ADSelfService you had to activate the HTML-function, if that's the problem with the new release, where do I find that option? Thank you in advance! B/R Filip
Support for multiple domains - aggregated stats
Hello all, We have 2 domains registered in ADSS. What we found was that you have to log in with a user from each domain to see only stats for that particular domain. There is no aggregated view of both domains that we can see in ADSS. Can you assist or guide us in the right direction? Regards, Stephan Terblanche
Next Page