I'm looking for help on this as well. I'm sure it's in some HTML document, I just can't find it.
↧
Re : How to change sample Name
↧
Re : How to change sample Name
Hi,
You can modify the text as per your requirement by following the below steps.
1) Stop ManageEngine ADSelfService Plus service.
2) Take a backup copy of "ApplicationResources_en_US.properties" file located at
"C:\\ManageEngine\\ADSelfService Plus\\resources\\adssp" folder to a different location.
3) Edit "ApplicationResources_en_US.properties" file(using Notepad++, Wordpad, or any text editor) and change the content to match up with your requirements for the following key.
adssp.reset_unlock.accounts.username.text_ex_name=Example \\: Jsmith
4) Start ManageEngine ADSelfService Plus service.
↧
↧
Re : GINA\Mac VPN Client configuration different on PC and Mac
↧
Re : HTTP/HTTPS
Hi Anton,
scheme="https" proxyName="load_balancer_ip(or)URL" proxyPort="80"
HTTP connector tag starts with
Please modify server.xml file located in <Installation Directory>\conf folder and check the issue.
Edit the server.xml to add the load balancer details to the non-SSL http connector tag as follows,
Entry need to be added
Edit the server.xml to add the load balancer details to the non-SSL http connector tag as follows,
Entry need to be added
scheme="https" proxyName="load_balancer_ip(or)URL" proxyPort="80"
HTTP connector tag starts with
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8888 -->
Original Entry:
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8888 -->
<Connector acceptCount="100" connectionTimeout="20000" debug="3" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" name="WebServer" port="8888" redirectPort="" />
Modified To:
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8888 -->
<Connector acceptCount="100" connectionTimeout="20000" debug="3" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" name="WebServer" port="8888" redirectPort="" scheme="https" proxyName="load_balancer_ip(or)URL" proxyPort="80"/>
Save the file and restart ManageEngine ADSelfService Plus service to take effect then check the issue.
Original Entry:
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8888 -->
<Connector acceptCount="100" connectionTimeout="20000" debug="3" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" name="WebServer" port="8888" redirectPort="" />
Modified To:
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8888 -->
<Connector acceptCount="100" connectionTimeout="20000" debug="3" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" name="WebServer" port="8888" redirectPort="" scheme="https" proxyName="load_balancer_ip(or)URL" proxyPort="80"/>
Save the file and restart ManageEngine ADSelfService Plus service to take effect then check the issue.
↧
Re : Unlock or reset password generate 2 verification codes or secure link via email
Hi,
I would request you to contact our support team(support@adselfserviceplus.com) to further analyze this issue in detail for a fix.
↧
↧
Re : Notification emails are only sent after logging into the console
Hi Ron,
1) Please stop the application from running as the console by right click on the 'A' icon from the system try and select 'Shutdown Server'.
2) Open administrator command prompt then navigate to "<installation_directory>\ManageEngine\ADSelfService Plus\bin" folder and execute the following commands,
wrapper.exe -r ..\conf\wrapper.conf
wrapper.exe -i ..\conf\wrapper.conf
3) Start 'ManageEngine ADSelfService Plus' service to check.
Regards,
↧
Re : Force Enrollment Script
Hi Oscar,
Sorry for the inconvenience caused and it was a bug when upgrading to the build 5325 and it will be handled in our future release of ADSelfService Plus. Please use the below given PowerShell commands to remove the logon script from users' profile,
Open administrator PowerShell on a DC,
1) import-module activedirectory
2) get-aduser -filter {scriptPath -like 'ADSelfService_Enroll.hta'}
3) get-aduser -filter {scriptPath -like 'ADSelfService_Enroll.hta'} | set-aduser -scriptPath ' '
↧
Re : SelfService App XML?
Hi Brian,
ADSelfService Plus mobile app can be now pushed with server settings with the following keys using any MDM (AirWatch, JAMF, MobileIron, etc.,)
The keys are case sensitive as follows,
- serverProtocol
- serverName
- serverPort
Its values type will be like NSString for all the three keys.
The values will be
<http or https>
<servername or the public url>
<Serverport>
↧
Free Online Training - March-2017
Free ADSelfService Plus online workshops March-2017
ADSelfService Plus is back with some great news. Based on popular demand, we have decided to kickstart a new free online workshop series from the first of March. This series covers a host of topics to help you use ADSelfService Plus effectively to manage passwords with ease and improve security.
So, what's stopping you? Register right away and learn the tricks of Active Directory password management from our product experts.
Workshop titles:
- Empower users with self-service password management for both on-premises and cloud applications.
- Automatically synchronize Active Directory password in real-time across Office 365.
- Provide Active Directory-based single sign-on for cloud applications.
- Notify remote users via email and SMS about their impending password and account expiration.
- Strengthen users' passwords by enforcing granular password policies in Active Directory, and other on-premises and cloud applications.
Just a few days more to go for the event! So, Register now to block your seat as we don't want you to miss out on these knowledge rich sessions.
↧
↧
ADSelfService Plus 5326 released with AD domain to domain password synchronization
Hello Everyone!
We are glad to release the latest version of ADSelfService Plus - build 5326. This release brings Active Directory domain to domain synchronization feature along with some other enhancements and bug fixes.
Enhancements:
- AD domain-to-domain password sync: Now you can enable password synchronization between two or more Active Directory domains.
- Option to synchronize passwords only after successful password reset in Active Directory.
- Ability to identify the IP addresses of machines used to access the product via proxy server.
Issues Fixed:
- XSS vulnerability in self-update manager field.
- Issue which resulted in distorted photos during self-update.
- Issue which associated technicians with wrong time zone.
↧
Re : adssp.common.text.message_failed
Hi Support team,
I got the same issue
I had reset the Server and Service; GSM modem but nothing change.
Would you pls to induction me to resolve this matter. Thank you !
Luan Nguyen
↧
Did you know - How to configure single sign-on in ADSelfService Plus? (Part 1 - Google Apps)
With the advent of cloud technology, inevitably every organization uses one or the other cloud apps to ease out their business process. Storing the data on the cloud or accessing cloud applications for IT management is common. However, this development does come with a price too. With numerous applications on cloud, employees have to remember different passwords for each of their cloud application or account, which is a daunting task. What if I say, there's a comprehensive solution that offers users the capability to access all of the cloud accounts with a single credential.
Introducing ADSelfService Plus with Single Sign-On (SSO) capability. With this feature, administrators can allow end-users to access all their cloud accounts with their Active Directory or Microsoft Windows credentials and save them from the trouble of having to remember myriad passwords.
This week let me elaborate on the steps to configure SSO for Google Apps.
Configuring Single Sign-On for Google Apps:
Step 1: Configuring ADSelfService Plus
- Login to ADSelfService Plus web console with the administrator credentials.
- Navigate to Configuration --> Self-Service --> Password Synchronizer/ Single Sign-On link.
- Click on the Google Apps link and this will redirect to the configuration page.
- In the Modules drop-down list, select Single Sign-On.
- Enter the Google domain name.
- Select the Self-Service Policies from the drop-down list.
- Click Download SSO certificate button in the top right-hand side of the page.
- In the SSO/SAML details pop-up box that appears, copy the first two fields (Login URL and Logout URL) and click on the Download SSO Certificate link to download the SSO Verification Certificate. (Refer Image)
- Click Save.
Step 2: Configuring Google Apps
- Login to Google Apps with the administrator credentials.
- In the administrator console, select the Security icon.
- In the Security settings page that opens up, navigate to Set up single sign-on (SSO).
- Select SSO with third party identity provider option.
- Paste the values of the two fields that was copied from ADSelfService Plus web-console in step 1 to the the Sign-in page URL and Sign-out page URL fields. (Refer Image)
- Upload the verification certificate.
After this configuration, when users try to access their cloud applications, they will be redirected to the ADSelfService Plus server, which authenticates their accounts with either AD or Windows credentials.The solution also provides an option to access the cloud application from its web-console.
↧
Re : Force Enrollment Script
Add us to the list that this "bug" had an impact on our users. It affected 7278 users. This is a major issue because not only did it change the login script, which we have many of based on what type of account it is, but also seems to have changed the "Connect" setting in AD that connected the users private drive.
The fix above simply deletes the "ADSelfService_Enroll.hta"
As Administrators of your product, we should have been proactively notified that this bug existed to begin with. It is the reason many sysadmins do not update for a long time after the updates are released. I can't even begin to tell you folks how upset we are that a simple product update caused this issue, increased calls into our service desk, and will now require time to work in powershell to fix the issues it created.
Thanks a lot Manage Engine!
↧
↧
Some users not receiving email reminders
Some users do not receive email reminders, in audit reports I am seeing following:
"Illegal semicolon, not in group"
↧
Domain Users can not change passwords
I can change my password as a domain admin, but normal domain users can not. They get the following error::
Change Password Failed
1. Incorrect Old Password
2. Password chosen failed to meet any or all of the standards stated below:
Minimum Password Length: A longer password is required.
Password Complexity: Password should be a combination of alphabets & numerals.
Minimum Password Age: When set, you cannot change password for specified time.
Password History: Reuse of old password(s) prohibited.
I am definitely hitting the password complexity rules set in ManageEngine and in AD. If the domain user changes the password in Windows it works fine.
Change Password Failed
1. Incorrect Old Password
2. Password chosen failed to meet any or all of the standards stated below:
Minimum Password Length: A longer password is required.
Password Complexity: Password should be a combination of alphabets & numerals.
Minimum Password Age: When set, you cannot change password for specified time.
Password History: Reuse of old password(s) prohibited.
I am definitely hitting the password complexity rules set in ManageEngine and in AD. If the domain user changes the password in Windows it works fine.
Is there a permission or a switch im forgetting to hit here?
↧
Where do you install ADSelfService Plus
So this is a super simple question but for some reason I'm not understanding how ADSelfService is installed
- Do you install the Software on your domain controller/some other server and clients access the web portal?
- or Do you install the software on every client's machine?
Option two doesn't seem right, but I can't find instructions explicitly saying to install the software on a server.
Thanks.
↧
ADSS password change option just refreshes page - does nothing. No errors
ADSS password change option just refreshes page - does nothing. No errors
All of sudden (about 2 weeks ago) the ADSS application just stopped changing passwords. (All other components seem to work fine).
when you try and change a password the page just refreshes quickly and that's it. No errors, nothing on the screen (and it has not changed the password).
INFO:
- using the domain admin account as the authentication account.
- no windows updates have installed on the server (it's in a DMZ).
- only using the 2 local DCs, no extras.
- no audit failures on the DCs either.
Any ideas? Anyone have any fixes? Support has been looking at logs for almost 3 days now.
All of sudden (about 2 weeks ago) the ADSS application just stopped changing passwords. (All other components seem to work fine).
when you try and change a password the page just refreshes quickly and that's it. No errors, nothing on the screen (and it has not changed the password).
INFO:
- using the domain admin account as the authentication account.
- no windows updates have installed on the server (it's in a DMZ).
- only using the 2 local DCs, no extras.
- no audit failures on the DCs either.
Any ideas? Anyone have any fixes? Support has been looking at logs for almost 3 days now.
↧
↧
Re : Where do you install ADSelfService Plus
Morning Thomas,
I wouldn't install any applications on your domain controllers. In the environment where I have deployed ADSelfService, We created a separate application and DB virtual servers and hosted the application one and the db on the other one (this is not mandatory but is the architecture we use e.g. application server/db server, you could install both component's on the same server if you so wished.).
The only component that needs rolling out the end user desktop is the update GINA client, this enables the change password button to appear on the login or lock screen on the windows clients where your users will want to use this functionality. You will also need a service account for the application to use and depending on your environment will depend on how locked down this account as is.
Hopefully this answers your question.
Mark
↧
Password Expiry Notification
Hey Guys,
So I installed and configured the Free password expiry tool. I checked all the server settings with out network engineer and test the email connection in the server settings section. The test email sends fine, but when I run the task to email users with soon-to-expire passwords, they aren't receiving the emails. I have it set to only detect users in the OU associated with all users accounts, rather than the entire AD because I don't want managed and admin accounts to be included in the reports. Is there something I am missing in the configuration? Any help you can provide is much appreciated. Thanks!
↧
Restricted Access
Hello,
I am getting a restricted access error from students who are enrolled and from those who are not enrolled. I can not figure out why both are giving off the same error.
↧
