ADSelfService Plus login
Dashboard
The efficacy of features offered in ADSelfService Plus relies on how the administrator has administered the feature to the Active Directory domain users and also on how often the user monitors the feature's functionality. ADSelfService Plus offers a streamlined admin portal with a sleek user interface. The portal lets admins configure the various features available in ADSelfService Plus and also customize feature functionality according to their requirements.
Dashboard
The Dashboard provides the admin with an overview of important user information like the number of locked-out users, users with expired passwords, and enrolled users. It also displays the number of self-service and identity verification actions performed by users.
Self-service policy configuration
Create self-service policies to enable self-service features based on users' domains, organizational units, and group memberships.
Authenticators list
Over 15 authentication methods are available for admins to configure multi-factor authentication. The configured methods can be enabled for users belonging to specific self-service policies.
MFA for password reset and account unlock
MFA can be enabled for self-service password reset and account unlock. The number of authentication factors and the type of authentication methods can also be set.
MFA for endpoints
Admins can enable MFA for machine (Windows, macOS, and Linux), VPN, and OWA logins using the admin portal.
MFA for application logins
MFA can also be configured to secure access to the ADSelfService Plus admin and user portals and enterprise applications (via SSO).
Forced enrollment
In order to enroll users with the product, admins can force users to complete enrollment right after they log in to their workstations using logon scripts.
GINA, macOS, and Linux login agent installation
The ADSelfService Plus login agent can be installed on users' computers via the admin portal. Once installed, the login agent enables self-service password reset and account unlock from login screens along with MFA for machine logins.
Login Settings
Under the Login Settings section, you can find important settings that secure access to the ADSelfService Plus portal.
Connection Settings
Secure connections between the ADSelfService Plus server and other entities the server may contact, like the user's machine, from the Connection Settings section.
Email and SMS settings
In the Mail/SMS Server Settings section, you can configure the mail server to send notifications of self-service actions, password expiration, verification codes, and more via email.
Email and SMS settings
In the Mail/SMS Server Settings section, you can configure the SMS provider to send notifications related to self-service actions, password expiration, verification codes, and more via SMS.
User portal
With ADSelfService Plus users are empowered to reset their passwords and unlock their accounts right from their web browser, login screen, or mobile device. The ADSelfService Plus user portal can also provides users a gateway to access SSO-enabled enterprise application. Users can also update their Active Directory profile information, subscribe to user groups, and search for employee information using the portal.
Self-service password reset
In the self-service password reset page, the user provides their username and enters the CAPTCHA.
Self-service password reset
The user then verifies their identity using the multi-factor authentication methods configured by the admin.
Self-service password reset
Once their identity is verified, the user then enters the new password according to the password policy.
Self-service account unlock
In the self-service account unlock page, the user enters their username and selects their domain.
Self-service account unlock
The user then verifies their identity using the multi-factor authentication methods configured by the admin.
MFA for machine logins
The user enters their domain credentials.
MFA for machine logins
The ADSelfService Plus window opens and the user then verifies their identity. Once authenticated, the user is logged in to the machine.
MFA for VPNs
The user opens the VPN application, enters their VPN credentials, and logs in.
MFA for VPNs
The user is then asked to enter the verification code according to the authentication method configured. Once authentication is complete, they are connected to the VPN.
MFA for OWA
The user enters their credentials in the Outlook Web Access login page.
MFA for OWA
The ADSelfService Plus multi-factor authentication page is loaded and the user has to verify their identity using multi-factor authentication methods configured by the admin. The user is then logged in.
From the user portal, the user can access the enterprise application configured for single sign-on from the Applications tab.
Password synchronization
When resetting or changing their password using ADSelfService Plus, the user can choose the accounts they want to synchronize the password change with.
Password policy enforcer
The administrator can configure a custom password policy enforcer that will be applied during password reset and change using the ADSelfService Plus portal along with native password changes (resets in the Active Directory Users and Computers console and changes using the Ctrl+Alt+Del console).
Password expiration notification
Admins can configure notifications that alert users on their impending password and account expiration and send them via email, SMS, and push notifications.
Conditional Access
Admins can create conditional access rules to enable or disable access to features based on factors like IP address, device used, business hours, and geolocation.
Conditional Access
The conditional access rule can be assigned to a specific set of users via self-service policies.
Directory self-update
The user can update their Active Directory attributes via the Profile tab in the ADSelfService Plus user portal.
Employee search
Users can search for employees in their organization via the Search Employee field at the top-right corner of the user portal.
Employee search
The users can also use filters to narrow down the employee search.
Organization search
The Organization Chart allows users to view other employees and their positions in the organizational hierarchy.
Password change
The user can change their domain password from the ADSelfService Plus user portal. The user has to ensure that the new password adheres to the password policy.
Group subscription
Users can subscribe to the Active Directory Groups of their preference using the ADSelfService Plus user portal.
ManageEngine ADSelfService Plus is an identity security solution with MFA, SSO, and self-service password management capabilities. It offers self-service password resets and account unlocks; endpoint MFA for machine, VPN, and OWA logins; SSO for enterprise applications; AD-based multi-platform password synchronization; password expiration notifications; and the Password Policy Enforcer.
