Without quick action, unauthorized or inappropriate password modifications can expose sensitive data of your users and put your organization at legal and financial risks. ADSelfService Plus, the self-service password management solution from ManageEngine, solves this problem by sending real-time notifications to end-users immediately after their passwords are changed or reset. Notifications are sent by Email and/or SMS as soon as a password change is detected allowing users to quickly react and prevent further damage.
Users are immediately notified about changes to their passwords, whether the change was made through ADSelfService Plus’s own self-service portal or natively in Windows through Ctrl+Alt+Del screen. A password sync agent, which comes bundled with ADSelfService Plus, takes care of notifying end-users about native password changes.
ADSelfService Plus, the self-service password management solution, makes it easier for administrators to ensure that password changes made natively using Windows interfaces are kept synchronized with associated IT systems and applications. With password changes, whether web-based or native, being synced automatically and in real-time, administrators can avoid the overhead of manually synchronizing passwords between end-users’ multiple accounts.
Synchronizing native Windows password changes such as password change via Ctrl+Alt+Del screen and password reset via ADUC console is accomplished by a “Password Sync Agent”. The agent also sends a notification Email and/or SMS to end-users immediately after their passwords are changed or reset. The agent comes bundled with ADSelfService Plus as a MSI file and should be installed on a primary domain controller.
The Password Sync Agent functions as a background service and is continuously on the lookout for password changes. Here’s what happens when an end-user initiates a native password change:
Refer this guide for more information on how to install and configure the Password Sync Agent.
The entire process - from users changing their passwords in Active Directory to the passwords being synchronized in target systems and applications - takes less than 30 seconds. As with web-based password synchronization, native password synchronization can also be configured in such a way that it is available to only a select group of users. Users can also select which of their target accounts are to be included in the password synchronization process by linking their non-Windows accounts with ADSelfService Plus.
The password sync agent is capable of synchronizing native Windows password modifications with Google Apps, Office 365, Salesforce, Zendesk, Microsoft Dynamics CRM, Zoho, IBM AS/400, HP-UX, Oracle Database and Oracle E-Business Suite.