ADSelfService Plus 5328 released! Features mobile app customization.
Hello Everyone! We are glad to release the latest version of ADSelfService Plus – build 5328. This release has options to customize the mobile app home screen, enhancements to password policy enforcer, and some bug fixes. Enhancements: Mobile app customization: Now you can completely customize the home screen of the app and disable access to certain features Dictionary rule in password policy enforcer can now be configured to restrict password that is either an exact match of a dictionary word or
ManageEngine Free Training! - Register Now
ManageEngine's ADSelfService Plus free online workshop series is back with a bang! This time around, we'll be exploring topics never covered in any of our previous workshops to get the best out of ADSelfService Plus deployment. Ready to see how easy password management can be? ADSelfService Plus free online workshop series April 18 - May 18, 2017 Register Now Password management implementation: Best practices Join our ADSelfService Plus veterans and learn about the ways to implement
Tomcat 6 and Java
Our Information Security team has brought forward a few concerns and would like to know what are Manage Engines plans to address the following: Tomcat 6 End Of Life 12/31/2016 (http://tomcat.apache.org/tomcat-60-eol.html) Numerous high-severity vulnerabilities publicly documented. High — Java 1.7.0_55 Limited Encryption Algorithm Selection in Java 7 especially when considering forward compatibility End of Life September 2017 (http://www.oracle.com/technetwork/java/eol-135779.html#Java6-end-public-updates).
Spelling Mistake
The word destinations is spelled incorrectly. How can we fix this?
Did you know - How to install ADSelfService Plus as a Windows service?
ManageEngine ADSelfService Plus can be run both as an application and as a Windows service. When installed as a Windows NT service, the tool will be up and running in the background even when the user has logged off from his system. Steps to install ADSelfService Plus as a service: For Windows 7 or older versions Navigate to Start menu -> All Programs. Select ADSelfService Plus -> NT service Click on "Install ADSelfService Plus as Service" option. For latest Windows OS versions Click on the Window
Blank page after self service password change
When our users use the self service portal to change passwords, instead of confirmation or failed page after attempting reset they get a blank page. Any idea what would be causing this? It will take the new password if it's in compliance, but the user has no feedback on if it succeeded or failed.
Change language select menu position
Hello, I left only a link to reset the password for the user and I want the language selection menu to be near. How I can move language selection menu? Regards, Anton
SSL Go Daddy Certificate
Hi I have a Go Daddy certificate, run it though Keytool OK, moved the selfservice.keystore to the conf folder restarted the service and even rebooted the server - but still i get a certificate error via the URL. Bit baffled to be honest does anyone have any hints or tips? Simon
ADSS will not start. Event log says it has no exception data. Help!
Thanks in advance for any and all advice. --------------- Here is the system log: The description for Event ID 7024 from source Service Control Manager cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event:
Did you know - How to configure Single Sign-On in ADSelfService Plus? (Part 4 - Salesforce)
Salesforce is considered to be a behemoth when it comes to cloud apps which help you boost your sales. Most companies, worldwide, depend on their marquee product Salesforce CRM to manage all their customers, partners, and prospects information from a single console. Wouldn't it be great if your sales team could have a hassle-free login experience to all the business critical apps in Salesforce software suite? The ADSelfService Plus' single sign-on(SSO) feature does exactly that. Upon configuring
Very slow to return response on password resets
Hi all, I am currently in the middle of setting up a POC of this product, we are hoping it will solve our issues with syncing up Azure AD and on prem domain passwords without paying the stupid Azure AD premium costs. So... i've got it set up. O365 linked and full AD domain linked. It works... BUT... It is incredibly slow to return a response when resetting passwords. Performance is totally fine with every other screen, but when attempting to reset a PW, it takes several minutes to eventually respond.
Remove registration request .
Hi, We want to remove the option that request the user to register , when an user tries to reset his password a message is displayed with this message : "You are required to subscribe for Verification Code. Please login (if you remember your password) and subscribe. Contact your admin in case you don't remember your password." How can we remove that the users don't need to register to reset or change the password ? Thanks
Not Able to start manageengine adselfservice windows service
Hi, I am not able to start adselfservice windows service after upgrading to build 5327.
Permission denied
while user registration, self update, password change permission denied message is coming.
Comodo Positive SSL Wildcard Cert
Hello, I am trying to determine the best way to import my wildcard SSL cert into ADSelfService Plus. Comodo sent me a bundle CA file and a domain crt file for my wildcard domain. These are the options ADSelfService Plus gives me on the instruction page for adding the cert to the keystore: For "Comodo" certificates keytool -import -trustcacerts -alias root -file AddTrustExternalCARoot.crt -keystore selfservice.keystore keytool -import -trustcacerts -alias addtrust -file UTNAddTrustServerCA.crt
Remove child domain from
We are decommisioning a child domain and want to remove it from the Domain Settings area as well as the policy for said domain. When I go to remove the child domain, it states its successful but still shows up and is configured.
ADSELFSERVICE is it 2016 compatable yet
Hi, Is ADSelfService compatible with Server 2016 yet? Thank You Simon
GINA install issue
I'm attempting my first Windows GINA install - on my Windows 7 PC. The ADSelfService console shows that it has been installed. I see the "reset password/unlock account" option at the logon screen of a Remote Desktop Connection, but I don't see it at the logon screen form my PC.
Ports for GINA install.
Hello! Can someone please tell me the ports I need to have open on our firewall to "push" install GINA to all of my PC's?
Password change option
Hello, I enable password change option and I have a problem. In IE all works fine, in Chrome after input login and password I see alert "This page is trying to load scripts from unauthenticated sources", in Firefox after input login and password I see alert "Mixed content blocking". In password reset tool I don't receive any error. How I can fix this problem? Regards, Anton
Can't install GINA on any PCs
Hi Please could you help to debug. I can't install GINA Agent on any PCs in Domain. There is no problem with agent installation for SD+ or DeskCentral agent. Our build 5326 Windows Event log error due Installation initialization: The Interactive Services Detection service terminated with the following error: Incorrect function. Event ID: 7023 Status: Couldn't copy the MSI file "ADSelfServicePlusClientSoftware.msi" to the client machine Best regards Dmitry
Remote password changes - Can't get to work more the 50/50
Our company has about 400 remote users not on our domain with approximately 100 users at the corporate office and connected to the domain. We are cloud based for just about everything hence our interest in Manage Engine and password changes. Unfortunately we were led to believe we would not need a VPN connection to change ones password and the system (Manage Engine) would update the cache including passwords on local devices. We accepted the VPN process using Cisco AnyConnect and have found it
Apache Struts has been flagged as being vulnerable
Hello, the version of Struts used by the AD Self Service Portal is Struts version 1.1. Our IT security has flagged this as a serious security issue. Will Struts be updated to the latest version in the next build ? Strusts 1.1 is very old, has exploits, is unsupported and has long since reached its end-of-life. https://beta.nvd.nist.gov/vuln/search/results?adv_search=true&cpe=cpe%3a%2fa%3aapache%3astruts%3a1.1 https://struts.apache.org/struts1eol-announcement.html Thanks John
Did you know - How to configure Single Sign-On in ADSelfService Plus? (Part 3 - Zendesk)
This week let me take you through the steps to configure Single Sign-On for Zendesk. Once SSO is configured, users can access their Zendesk accounts with just their Active Directory or Microsoft Windows credentials. ADSelfService Plus also allows you to access Zendesk accounts with just a single click, from its web console. Single Sign-On for Zendesk: Step 1: Configuring ADSelfService Plus Login to ADSelfService Plus web console with the administrator credentials. Navigate to Configuration -->
Software not accessible after reboot
Hi I have installed the software and it is working fine. However, once I reboot my workstation the ADSM Server does not automatically restart by itself? I have to run the 'startADSSP' batch file and this then starts all the services and I am able to access the URL again: http://localhost:8888/authorization.do Surely this is not right? Please can someone point me in the right direction and let me know what is going wrong? Many thanks
Logging into ADSelfService Plus after workstation reboot
Hi I have installed this software and all works fine. However once I reboot my workstation and then attempt to login to: http://localhost:8888/authorization.do I just get a "Page can't be displayed" error. The only way to fix it is to reinstall the software and then it will start working again... Any advice please? Thanks
Autoenroll users based on User Principal Name (UPN)
From what I can understand, it is not possible to auto enroll users based on User Principal Name (UPN - e.g firstname.last@domain.com) and they can only be enrolled based on sAMAccountName. Can this be modified so that we can also enroll based on UPN?
SMS Enrollment
How do I enforce users enter their phone numbers with a leading '1' (trunk prefix) when enrolling? It will accept their phone number without it, then when they attempt to unlock an account the SMS will error out due to the missing '1'. The only option I see is to set the format to XXX-XXX-XXXX - which does the opposite, and does not allow them to enter the 1 at all. Or is there a way to have the SMS gateway just add the 1 if not present to all? Thank you!
Cannot send mail
I am running ADSelfService Plus on a Windows 7 machine. I have an SMTP server in house and I can telnet to port 25 on that server (Windows 2012) from the Windows 7 command line, however, I cannot send mail from the application. I have other applications on that system that are able to send mail. It tells me that is cannot connect to port 25 on that server. Any ideas?
Auto-Expire Registered Users Accounts
We seem to have issues where users go long periods of time after their initial registration, where when they have to use the self-serve unlock they've forgotten the answers to their questions. Would it be possible to add the ability to automatically expire a users registration within the self-server tool after a configurable amount of time, so they'd have to re-register and thus update their choose questions and answers?
Update email address to get verification code
Hi Team, Let me know if there is a way to bulk update email address for users to get verification code as multi-factor authentication. Thanks, Rakesh
Slowloris Resource Depletion and Denial of Service
I have placed a support call previously on this issue and was advised it would be fixed in the next release. That was a few releases back and this vulnerability keeps appearing on our external vulnerability scans. Are there any changes that can be made to fix this issue without waiting for a patch in one of the releases? ADSelfService Plus is running on port 443, but it does allow the redirect if a user hits it on port 80. I am guessing that is why the vulnerability is showing below on port 80.
GINA - Password Policy Enforcement only
Hello, Is it possible to hide the Reset Password / Unlock Account Button in GINA? I really like the Password Policy enforcement for when users are changing their passwords, but I am not ready to force everyone to enroll yet. If possible I would like to install the GINA client on all workstations so that users can see the password requirements. Then, once I am ready to have people enroll in the system, I can unhide the Reset Password / Unlock Account button. Thanks, Michael
Captcha field not work for Internal users
Recently we had upgrade our selfservice porta from Version 5301 to Version 5.3 SP2 5320. Now, our most of internal users report us that, they occured issue while reseting or login in self services. Continuosly they occured wrong Captcha while reseting password. & this is not for single user. We are unable to caught our productivity due to this, as users continuuosly complaint about this. we publish 'Get Started' notes to users. But it also not work. Is there any way to remove captcha section from
Enabling a Restricted User Automatically
We can currently restrict users automatically on a schedule using certain criteria (disabled, OU, etc). Could we also have the ability to automatically enable restricted users based on criteria? I restrict students that aren't current students to keep our license count down to an affordable level. However, students commonly skip terms and come back, and then need to be enabled to do password management again. Right now I don't see a way to automate this process. Criteria I would like to see
HTTP/HTTPS
Hello, I have a problem. ADSSP work behind Barracuda Load Balancer. Barracuda configured as HTTPS redirect from 80 to 8888. When i click "Cancel" in ADSSP I go to http://mylink.com. How I can change default ADSSP link to HTTPS://...? Regards, Anton
Quick Enrollment from External Database - "Unable to Fetch. Check your query or permission" when using a SQL View that uses an OPENROWSET
I am attempting to setup ADSelfService Plus to fetch data for enrollment from a MSSQL database. I am connecting to a view I have created in SQL using the following SQL statement in ManageEgine: "Select UserName, Question, Answer from ManageEngineStaffEnrollment;" (ManageEngineStaffEnrollment is the name of view I have created in SQL). This works until I modify the view in SQL to also retrieve and join data from active directory (So I can get the sAMAccountName as I cannot enroll based on UPN). The
ADSelfService Plus 5327 released
Hello Everyone! We are glad to release the latest version of ADSelfService Plus - build 5327. This release comes with three new authentication methods to beef up security for the self-service password reset and account unlock processes, along with other bug fixes. Features: Duo Security, RSA SecurID and RADIUS-based authentication support: Self-service password reset and account unlock processes are now more secure than ever thanks to three new authentication methods for verifying users’ identities.
Did you know - How to configure single sign-on in ADSelfService Plus? (Part 2 - Zoho)
This week let me walk-through through the steps to configure Single Sign-On for Zoho. Upon setting up SSO in ADSelfService Plus for Zoho accounts, customers can use their AD or Windows credentials to access their Zoho cloud accounts. The solution also allows users to access their Zoho accounts from its web console, with just a click. Configuring Single Sign-On for Zoho: Step 1: Configuring ADSelfService Plus Login to ADSelfService Plus web console with the administrator credentials. Navigate
ADSS password change option just refreshes page - does nothing. No errors
ADSS password change option just refreshes page - does nothing. No errors All of sudden (about 2 weeks ago) the ADSS application just stopped changing passwords. (All other components seem to work fine). when you try and change a password the page just refreshes quickly and that's it. No errors, nothing on the screen (and it has not changed the password). INFO: - using the domain admin account as the authentication account. - no windows updates have installed on the server (it's in a DMZ). - only
Next Page