ADSelfService Plus enables work-from-home (WFH) users to reset Active Directory (AD) passwords remotely so that they can accomplish their work without interruptions or security concerns due to domain password issues.
Your download should begin automatically in 15 seconds. If not, click here to download manually.
ADSelfService Plus packs in single sign-on (SSO), multi-factor authentication (MFA) for non-Windows endpoints and cloud applications, password synchronization, password policy enforcer, and directory self-update, in addition to password reset and password expiration notification.
Whether users are working from home or traveling, ADSelfService Plus enables them to handle domain password reset issues on their own.
With MFA and password policy enforcer, ADSelfService Plus helps improve password security, and adds another layer of authentication to secure user accounts.
ADSelfService Plus supports self-service domain password reset for WFH and remote users by enabling users to reset Windows password from their own machines and updating the cached credentials through a VPN client. Here’s how it works:
All you need to do is install ADSelfService Plus, configure remote domain password reset through VPN, and deploy its password reset login agent to the users’ machines. Now, when users working from home forget their passwords or their passwords expire, they can simply reset their passwords from the login screen of their machines.
Password expiration is another major reason remote users are unable to access network resources or get locked out of their accounts. ADSelfService Plus supports sending password expiration notifications to remote users through email, SMS, and push notifications. The notification is completely customizable, supports attachment, can be sent every day, or on particular days, and even be emailed to users’ managers to make sure the users reset their passwords before expiration.
Another challenge with a remote workforce is to ensure security during remote desktop activities. ADSelfService Plus supports 2FA for local and remote desktop Windows logons. Admins can force 2FA for all users or only to remote desktop users by configuring organizational units (OUs) and group-based policies in ADSelfService Plus. They can also choose from 15 different authentication methods, including biometrics, YubiKey, Google Authenticator, SMS and email-based OTP, and push notification authentication.
To make ADSelfService Plus available over the internet for remote users, refer to this guide. It contains step-by-step instructions, including how to set up a reverse proxy for improved security.