How to perform a domain refresh in ADSelfService Plus and why it is required

Last updated on:

In this article

Objective

This article explains what a domain refresh is in ADSelfService Plus, when it is needed, and how to perform it.

What does this article help the user accomplish?

  • Ensures that the ADSelfService Plus Dashboard and Reports tab display up-to-date information from Active Directory.
  • Instantly reflects newly created users, updated user attributes, or removed accounts in the ADSelfService Plus interface.
  • If the Dashboard and Reports tab do not display any data, performing a domain refresh will update and restore the information.

Why is it important?

Active Directory changes may not be reflected immediately in ADSelfService Plus unless a domain refresh is performed. The system updates based on the frequency configured in the AD Synchronizer Scheduler. This delay can lead to the Reports and Dashboard displaying outdated or incomplete information.

Prerequisites

  • Admin access to ADSelfService Plus is required.
  • AD domain controller connectivity must be available from the ADSelfService Plus server.
  • The AD Synchronizer Scheduler should be configured correctly to avoid overlapping refresh schedules.

Steps to perform a domain refresh

  1. Log in to ADSelfService Plus as an administrator.
  2. Go to Domain Settings on the top left corner of the portal.
  3. Click the Refresh (Update Domain Objects) button under the Actions tab. Select all the objects and click OK.
  4. Click the Schedule AD Synchronizer link on the top left corner.
  5. Ensure that the AD Synchronizer is set to run at an appropriate interval. It is recommended to schedule it to run once every four hours.

Validation and confirmation

  • Check if newly created users and updated attributes are now visible in the ADSelfService Plus reports.
  • Run a sample report from the MFA Non-Enrolled Users Report under Reports > MFA Reports and confirm that it contains newly created users.

Troubleshooting tips

Issue:

Performing a domain refresh does not update the reports.

Resolution:

  • Check network connectivity between ADSelfService Plus and the domain controller.
  • Ensure the configured domain credentials are correct and not locked out.

Best practices

  • Configure the AD synchronizer scheduler to run once every four hours.
  • Regularly verify and update domain credentials to avoid authentication failures.
  • Monitor network connectivity between ADSelfService Plus and the domain controller.