Connection Settings

You can configure the SSL settings, access URL, proxy settings, port settings, and session time settings un der Connection Settings.

Connection Settings

1. Click Admin > Product Settings > Connection.
2. Click the Connection Settings tab and select ADSelfService Plus Port [https].



Note: We strongly advise against choosing HTTP in your production environment because it does not enforce SSL certificate validation and will have a severe impact on security. The HTTP option has been provided only for testing purposes.

3. Set a port number of your choice for ADSelfService Plus, or retain the default port number.

When HTTPS is selected, follow these steps:

4. Click Apply SSL Certificate and follow the steps to apply the SSL certificate in ADSelfService Plus. Learn more.
5. Select the Enable LDAP SSL to secure communication between Active Directory and ADSelfService Plus.
6. Select the Encrypt keystore password and enter the keystore password. The password you enter will be encrypted for better security.

Note: The value of the keystorePass property in the server.xml file will be replaced with the macro ${adssp.keystorePass}.

7. Select the TLS Versions and the Cipher Suites from the drop-down.
8. Click Save.

Important: If you’ve hosted ADSelfService Plus over the internet or behind a proxy server, you can configure an access URL to provide end users with access to ADSelfService Plus.

Proxy Settings

1. Select the Enable Proxy Server.
2. Enter the Server Name or IP of the proxy server.
3. Provide the required authentication details by entering the Username and Password.
4. Click Save.

Note: Use Test Connection to verify that the proxy server connection is valid.

General Settings

Session Settings

Session Expiry Time: Session Expiry Time is the maximum duration a user's ADSelfService Plus session can remain idle before being terminated. Configure session expiration time for users (from 10 mins to Never expires) by selecting the Session Expiration Time of your choice.

Note: Changes take effect only after the ADSelfService Plus server is restarted.

To set the session expiration time:

1. Log in to the ADSelfService Plus portal with admin credentials and navigate to Admin > Product Settings > Connections > General Settings.
2. Select a Session Expiration Time limit from the drop-down.

Deny multiple simultaneous logins for a user: When Deny Concurrent Logins is enabled, users will not be allowed to log in to ADSelfService Plus from multiple client endpoints simultaneously. This means users will not be able to log in to ADSelfService Plus if there is another active session in a browser or the mobile app.

Users can log in again only after they log out from all existing sessions, or after their session time expires.

To deny multiple simultaneous logins:

1. Log in to the ADSelfService Plus portal with admin credentials and navigate to Admin > Product Settings > Connections > General Settings.
2. Check the Deny Concurrent Login checkbox.

Attempts to log in to the ADSelfService Plus web console when there is another active session will result in an error message.

Clearing the session status of users: When Deny Concurrent Logins is enabled, a user who closes a browser with an active ADSelfService Plus session will not be able log in to their portal until the idle session time expires. In this case, you can reset the session login status to terminate the idle sessions of all the users under the policy. Active sessions will not be affected.

To terminate users' idle sessions:

• Log in to the ADSelfService Plus portal with admin credentials and navigate to Admin > Product Settings > Connection > General Settings.



• Under Session Settings, select the Deny Concurrent Logins checkbox.
• Select the Click here link that appears to reset the session status of all users.
• In the Confirm Action pop-up, click Yes.

Startup & Logging Settings

Current Log Level <drop_down>: To collect minimum debug information, select Normal Mode. To get in-depth debug information, select Debug Mode.

Retain Logs for <textbox> Days: Use this setting to set the number of days for which to preserve the log files. If this option is enabled, log files older than the specified number of days will be removed. By default, the log files are retained for 365 days. If this option is not enabled, log files will be retained indefinitely.

Enable Session Tracking: If this option is enabled, you can monitor user sessions and facilitate in-depth debugging.

Launch the ADSelfService Plus Client upon Successful Startup: If this option is enabled, the ADSelfService Plus web application will automatically start running as soon as the user logs in to their machine.

Start the Product Automatically on Windows Startup: If this option is enabled, ADSelfService Plus will automatically start running in the background as a Windows service as soon as the user logs in to their Windows machine.

Note: This setting is applicable only to installations of ADSelfService Plus as a Windows service.

Once you have enabled the required settings, click Save Settings. The changes made will be reflected upon restarting ADSelfService Plus.