Quantcast
Channel: Support Portal
Viewing all 2881 articles
Browse latest View live

Re : Password Reset allows users to use previous password

February 8, 2017, 7:07 pm
$
0
0
Hi Jon,

You could configure the following settings in ADSelfService Plus to make the reset password functionality to look for password history settings as follows. 

* Login as "admin" to ADSelfService Plus.

* Navigate to "Configuration" tab --> Self-Service --> Policy Configuration --> Available Policies --> "Advanced" column

* Click to view the advanced options --> "Reset & Unlock" tab

* Check "Enforce Active Directory password history settings during password reset" checkbox --> click "OK"

Note: 

* Ensure that you should not use the flag User cannot change password in AD when this feature is enabled with ADSelfService Plus,
  

* Once a user initiated their reset password procedure, they have to complete this. If they going to skip this then they will be ended    up with an ADSelfService Plus generated password with no idea what it is, because ADSelfService Plus will reset user's password with a random password and

keeping that as the old password and get the input from a user for new password then it will do the change password option.


OR


Simply enable the checkbox "Upon password reset, force users to change password at next logon." under 'Policy Configuration' --> Available Policies --> 'Advanced' --> 'Reset & Unlock' tab.


Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Search

Re : Capture email address in conversation

February 8, 2017, 7:36 pm
$
0
0
Sorry, it should be moved to ServiceDesk

Re : "Number of numeric characters to include"

February 9, 2017, 2:09 am
$
0
0

Thank you Vaideeswaran,

I've updated to build 5325 but the problem is still there, I'll contact support for a remote support session.

Many thanks

Re : Password Reset Options: Disable Domain Email as the primary reset option

February 9, 2017, 5:28 am
$
0
0

Still no response to this one? 

This is a HUGE deal.  We have a 25% fail rate on enrollment due to this. 

Mac Keychain

February 9, 2017, 2:59 pm
$
0
0
Does AD SelfService Plus password reset also reset the mac keychain password?  So if a user chooses to reset their domain password from their Mac, will it also reset /sync that change to the local mac's keychain?

Re : Password Reset Options: Disable Domain Email as the primary reset option

February 9, 2017, 6:48 pm
$
0
0
Hi Adam,

The requested features are now available in ADSelfService Plus build 5325 as follows,



a) By default, the application will now show the alternate email of the users on the top of the list during password reset and account unlock.


b) Steps to set 'Select Email/mobile' on the drop down,

* Login as 'admin' to ADSelfService Plus.

* Navigate to 'Configuration' tab --> Self-Service --> Policy Configuration --> Available Policies --> 'Advanced' column

* Click to view the advanced options --> 'Reset & Unlock' tab --> check Show 'Select Email ID/Mobile No.' in the mail/mobile drop down list as default value." --> OK.


c) Steps to remove the primary email from the application,

* Login as 'admin' to ADSelfService Plus --> Navigate to 'Admin' tab --> .Product Settings --> Server Settings

* 'Mail/Mobile Attributes' drop down on the right top --> Add a dummy attribute name for Mail and uncheck the 'Mail'



Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Resetting a users Security Question

February 9, 2017, 8:07 am
$
0
0

I'm not sure if this is even possible but is there a way to reset the end users security question/s?

Or alternatively, force them to setup their account again.

I have had a number of users tell me that they are being asked questions that there is no way they would ever use.

Thanks for any help


LogJam, RC4 and Forward Secrecy

February 10, 2017, 1:57 pm
$
0
0
When I run a security test on my ADSelfService Plus website using https://www.ssllabs.com/ssltest, I get the following errors:

This server supports insecure Diffie-Hellman (DH) key exchange parameters (Logjam). Grade set to F.
This server uses RC4 with modern protocols. Grade capped to C.
The server does not support Forward Secrecy with the reference browsers.

I can always correct these if I'm running IIS or Apache.  However, I can't find the SSL configuration pages anywhere in the ManageEngine install directory.

How should I secure my server?

Thanks!
Search

Re : LogJam, RC4 and Forward Secrecy

February 10, 2017, 7:37 pm
$
0
0
Hi Rob,

Please add the following ciphers and attributes for forward secrecy to ADSelfService Plus.

ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"

allowUnsafeLegacyRenegotiation="false" server="Adselfservice Plus"

sslProtocol="TLS" sslProtocols="TLSv1.2"

compression="off"

Example:

<Connector SSLEnabled="true" acceptCount="100" compression="off" 
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA" clientAuth="false" connectionTimeout="20000" debug="0" disableUploadTimeout="true" enableLookups="false" keystoreFile="./conf/server.keystore" keystorePass="adventnet" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" name="SSL" port="9251" scheme="https" secure="true" allowUnsafeLegacyRenegotiation="false" server="Adselfservice Plus" slProtocol="TLS" sslProtocols="TLSv1.2"/>

Please follow the steps provided below to modify SSL Connector, which is at the bottom of the 'server.xml' file.

* Stop ADSelfService Plus (Click Start --> All Programs --> ADSelfService
    Plus --> Stop ADSelfService Plus).

* Take a backup of existing "server.xml" file located at <installation directory>\conf
   (C:\ManageEngine\ADSelfService Plus\conf) and edit the "server.xml" file to
   modify the SSL Connector.

* Start ADSelfService Plus (Click on Start --> All Programs --> ADSelfService
    Plus --> Start ADSelfService Plus).

Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Re : Mac Keychain

February 10, 2017, 7:45 pm
$
0
0
Hi,

The requested feature is not supported by ADSelfService Plus at present, will update you when it is implemented with ADSelfService Plus in the future.

Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Re : Resetting a users Security Question

February 10, 2017, 7:48 pm
$
0
0
Hi Gordon,

Yes, you could delete the user enrollment and force them to enroll again with ADSelfService Plus.

* Login as 'admin' to ADSelfService Plus.

* Navigate to 'Reports' tab --> Enrollment Reports --> Enrolled Users Report --> Search for the user and delete their enrollment.

Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Re : Other MS SQL/API Applications

February 10, 2017, 7:50 pm
$
0
0
Hi Carlos,

I am afraid to say that the requested feature to support in-house/custom applications is not available with ADSelfService Plus at present.

Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Re : Users can no longer login to ADSelfService after domain account attached to service was disabled

February 10, 2017, 7:56 pm
$
0
0
Hi Joseph,

Please login with builtin 'admin' to ADSelfService Plus --> click on 'Domain Settings' link on the right-top then edit the domain details to update the new domain credentials then save it.


Example: https://passwordportal.com:9251/adminLogin.cc (letter L in adminLogin.cc should be in uppercase)

Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution


Re : 3rd Party Apps/MS SQL/API

February 10, 2017, 8:00 pm
$
0
0
Hi Carlos,

I am afraid to say that the requested feature to support in-house/custom applications is not available with ADSelfService Plus at present.

Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Re : New Technician from Domain?

February 10, 2017, 8:04 pm
$
0
0
Hi Dave,

We had to have issues with adding technician roles in the older build of ADSelfService Plus. So I would request you to upgrade ADSelfService Plus to the latest build 5325 through service pack installation then clear the browser cache to check this. 

Service pack Download and Upgrade Steps: 


Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution
Search

Re : Admanager plus

February 10, 2017, 8:07 pm
$
0
0
Hi Anthony,

Please login as 'admin' to ADSelfService Plus --> Navigate to 'Admin' tab --> License Management --> Restrict Users --> Search for the user then allow access.

Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Re : Forcing ADSSP to get Display Name instead of Full Name when end user try to selfupdate attributes

February 10, 2017, 8:12 pm
$
0
0
Hi Rochdi,

I am afraid to say that the requested feature is not supported by ADSelfService Plus at present.

Regards,

ADSelfService Plus Team

Toll Free: +1-888-720-9500

Direct: +1-408-916-9890

Email: support@adselfserviceplus.com

Self Service Password Management Solution

Re : LogJam, RC4 and Forward Secrecy

February 13, 2017, 7:18 am
$
0
0
Thanks Vaideeswaran!  That did it.

Force Enrollment Script

February 13, 2017, 10:27 am
$
0
0

I recently updated to Build 5325, prior to the updated I did not have the Force Enrollment using Logon Script feature enabled. After the update it somehow enabled this feature changing the Logon Script field in Active Directory for 3000+ from its original entry to “ADSelfService_Enroll.hta” causing a major issue. I would like to know how and why this occurred when this feature was not enabled in the first place.

Any insight I can provide to my leadership team would be appreciated. 

Did you know - How to customize Logon-to Domain List?

February 14, 2017, 4:13 am
$
0
0

Does your environment involve working with multiple domains? Make it user friendly by listing the domains, for your user, to choose from. ADSelfService Plus gives you, the Administrator, the liberty to customize the end-user Logon page. You can create a drop-down domain list in the user logon page to help the user choose the domain he wishes to log on to.

How to Configure?

Log in as an Administrator

1. Navigate to Admin Tab
2. Click on Customize --> Logon Settings --> General
3. Enable the Show ‘Log on to’ option in the login page check box. 
4. Click on Save to store the configured settings.



You are provided with the choice of setting the selected domain as the default value in the Show Logon to drop-down box. To do so, enable the Show Select Domain as the default value checkbox. Also alter the domain list based on user’s priority. You can now give your user the liberty to choose the domain he wishes to log-in to, easily.



Viewing all 2881 articles
Browse latest View live
Search