Pricing  Get Quote
 
 

Troubleshooting Guide for Common Errors in ADSelfService Plus End User Portal

  1. Permission denied. Please contact your administrator.

    Cause: There are two reasons why this error could occur:

    • End users trying to access any of the self-service features in ADSelfService Plus such as password reset or directory self-update need to be included in a self-service policy that provides access to those features. If they are not, they will get this error.
    • Since ADSelfService Plus supports the creation of multiple self-service policies, a user may belong to two self-service policies, one of which doesn't provide permission to access the self-service features. In this case, the policy which provides the user access to the self-service feature must be given top priority.

    Solution: Configure a self-service policy to include the user. Follow the steps below:

    1. Log in to the ADSelfService Plus admin portal.
    2. Go to Configuration > Self-Service > Policy Configuration.
    3. You can either create a new policy or edit an existing policy.
    4. Select the features you want to enable.
    5. Click the Select OUs/Groups button and select the OU or group the user is part of.
    6. Click OK and then Save Policy.
    7. To prioritize the policy, click the double arrow icon [] next to the Add New Policy button and reorder the policy as per your requirement.
  2. Access denied for password reset. Please contact your administrator.

    Access denied for account unlock. Please contact your administrator.

    Cause: When you add an Active Directory (AD) domain in ADSelfService Plus, you should provide an account that has Domain Admin privilege to carry out the self-service operations such as password reset and account unlock. If you haven’t configured an account or the account doesn’t have Domain Admin privilege, these errors will occur.

    Solution: Configure the AD domain with Domain Admin privileges. Follow the steps below.

    1. Log in to the ADSelfService Plus admin portal.
    2. Click on Domain Settings in the top-right corner.
    3. Select the AD domain for which the users get this error and click the Edit icon under the Actions column.
    4. Select the Authentication checkbox.
    5. Enter the Domain Username and Password of an account that has Domain Admin privileges.
    6. Click Save.
  3. Access denied due to insufficient license. Please contact your administrator.

    Cause: This error will occur if you have exhausted the ADSelfService Plus license and a user who hasn’t been assigned a license tries to access the product.

    Solution: Make sure you have enough free licenses for all the users in your organization. You can upgrade your license with more seats by contacting sales@manageengine.com. To check for prices, visit our online store

    You can also use the License Management > Restrict Users option under the Admin tab to manually or automatically restrict users, such as inactive and disabled users, to reclaim the licenses assigned to them and assign it to other users who need them.

    To learn more, refer our detailed guide on license management.

  4. Service account configured in this application has expired. Please contact your administrator.

    Cause: The service account configured under the Domain settings might be locked out or its password might have expired.

    Solution: Change the password of the service account, unlock it, or configure a new account with Domain Admin privilege for the AD domain under Domain Settings. To modify the domain settings:

    1. Log in to the ADSelfService Plus admin portal.
    2. Click on Domain Settings in the top-right corner.
    3. Select the AD domain for which the users get this error and click the Edit icon under the Actions column.
  5. No such user account configured. Please try with different username/domain.

    Cause: Since multiple Active Directory domains can be configured in a single ADSelfService Plus instance, the user might have selected the wrong domain in the login screen.

    Solution: Make sure the user selects the correct domain in the login screen.

  6. Unable to login. Multiple user accounts are mapped for the same login attribute. Please contact your administrator.

    Cause: ADSelfService Plus can be configured to allow users to login using any unique AD attribute such as mobile and mail in place of sAMAccountName. This error appears when two or more users have the same value for the chosen login attribute.

    Solution: Make sure the attribute you have configured can have only unique value for each user. You can configure unique attributes for login by following the steps below:

    1. Log in to the ADSelfService Plus admin portal.
    2. Go to Admin > Customize > Logon Settings.
    3. Under the General tab, click on the Select attribute list link next to Enable other unique attributes to log in to the product.
    4. Select attributes that can have only unique values for each user.

Request for Support

Need further assistance? Fill this form, and we'll contact you rightaway.

  • Name
  •  
  • Business Email *
  •  
  • Phone *
  •  
  • Problem Description *
  •  
  • Country
  •  
  • By clicking 'Submit' you agree to processing of personal data according to the Privacy Policy.
Highlights

Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by

Embark on a journey towards identity security and Zero Trust