Password Synchronization with AD LDS Server
ADSelfService Plus’ real-time password synchronizer ensures that users maintain a single password across different applications, reducing password-related issues. Each time a user resets or changes their Active Directory password, the new password is automatically synced to the AD LDS server.
Steps to configure AD LDS Server with ADSelfService Plus
Important: Install the Password Sync Agent to synchronize native password changes and resets.
Enabling the fUserPwdSupport flag in the dsHeuristics registry value is essential to prevent passwords from being stored in plain text when synced to AD LDS. To enable this flag, set its character value to any value other than zero or two.
- Log into the ADSelfService Plus admin console with admin credentials.
- Navigate to Configuration > Self-Service > Password Sync/Single Sign On.
- Select the AD LDS Server application.
  Note: You can also find the AD LDS Server application from the search bar in the left pane or the alphabetical navigation option in the right pane.
- Enter the Application Name and Description.
- In the Assign Policies field, select the policies for which password sync needs to be enabled.
  Note: ADSelfService Plus allows you to create OU- and group-based policies for your AD domains. To create a policy, go to Configuration > Self-Service > Policy Configuration > Add New Policy.
- Select Enable Password Sync.
- Enter the System Name / IP Address.
- Enter the Domain Name of the AD LDS Server in distinguished name format. For example, dc=example,dc=com.
- Enter the User Name of the AD LDS Server. It may be an AD DS (Active Directory Domain Services) user or an AD LDS user. An AD DS user name can be given either as sAMAccountName or as NetBIOSDomainName\sAMAccountName. An AD LDS user name must be in distinguished name format. For example, cn=directory_manager,dc=example,dc=com.
- Enter the Password of the AD LDS Server.
  Note: The username and password must belong to the administrator account of the server on which AD LDS is installed.
- Enter the LDAP port (default 50000) and LDAP SSL port (default 50001) of the AD LDS Server.
- If the User Name you configured is an AD LDS user, SSL must be enabled in AD LDS for password sync to work.
- Click Add Application.
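As an added example (not ADSelfService Plus or AD LDS code), the following Python pre-checks the values you would enter in the form above against the rules this page states: the Domain Name must be a DN, an AD LDS user name must be a DN while an AD DS user name is sAMAccountName or NetBIOS\sAMAccountName, an AD LDS user requires SSL, and fUserPwdSupport (the ninth character of dsHeuristics) must be something other than 0 or 2. The field names, regular expressions and sample configuration are assumptions constructed for illustration.

```python
import re

# Constructed sample of the form values; key names are assumptions for this example.
EXAMPLE_CONFIG = {
    "system_name": "adlds01.example.com",
    "domain_name": "dc=example,dc=com",
    "user_name": "cn=directory_manager,dc=example,dc=com",
    "ldap_port": 50000,
    "ldaps_port": 50001,
    "ssl_enabled": True,
    "ds_heuristics": "000000001",   # value read from the AD LDS instance
}

# Simplified DN matcher: cn=/ou=/dc=/o= components separated by commas (no escaped commas).
DN_RE = re.compile(r"^\s*(cn|ou|dc|o)=[^,=]+(\s*,\s*(cn|ou|dc|o)=[^,=]+)*\s*$", re.I)
# sAMAccountName, optionally prefixed with NetBIOSDomainName\ .
SAM_RE = re.compile(r"^(?:[A-Za-z0-9_.-]+\\)?[^\\/:*?\"<>|,=\s]+$")


def user_kind(user_name: str) -> str:
    """Classify the User Name field as AD-LDS (DN), AD-DS (sAMAccountName) or invalid."""
    if DN_RE.match(user_name):
        return "AD-LDS"
    if SAM_RE.match(user_name):
        return "AD-DS"
    return "invalid"


def fuserpwdsupport_enabled(ds_heuristics: str) -> bool:
    """fUserPwdSupport is the 9th dsHeuristics character; absent characters count as 0.
    The page states the flag is on for any value other than zero or two."""
    padded = (ds_heuristics or "").ljust(9, "0")
    return padded[8] not in ("0", "2")


def validate(cfg: dict) -> list:
    """Return a list of problems; an empty list means the settings satisfy the page's rules."""
    problems = []
    if not DN_RE.match(cfg.get("domain_name", "")):
        problems.append("Domain Name must be a distinguished name, e.g. dc=example,dc=com")
    kind = user_kind(cfg.get("user_name", ""))
    if kind == "invalid":
        problems.append("User Name is neither a DN nor [NetBIOSDomainName\\]sAMAccountName")
    if kind == "AD-LDS" and not cfg.get("ssl_enabled"):
        problems.append("An AD LDS user name requires SSL to be enabled on the AD LDS instance")
    for key in ("ldap_port", "ldaps_port"):
        if not 1 <= int(cfg.get(key, 0)) <= 65535:
            problems.append(f"{key} is not a valid TCP port")
    if not fuserpwdsupport_enabled(cfg.get("ds_heuristics", "")):
        problems.append("fUserPwdSupport is off: synced passwords would be stored in plain text")
    return problems


if __name__ == "__main__":
    print(validate(EXAMPLE_CONFIG) or "configuration passes all checks")
```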