ADSelfService Plus can update local cached credentials stored in users’ machines, so that remote users can access their machines even if they forget their passwords.
How it works
Fig 1: Image showing how Cached Credential is updated by the GINA/CP Client
When remote users forget their passwords, they can use ADSelfService Plus’s GINA/CP client to reset their password from the logon screen of their machines.
ADSelfService Plus resets the password in Active Directory and also notifies about the successful password reset to the GINA/CP client.
The GINA/CP client establishes a secure connection with the Active Directory through the VPN client.
Once the connection is established, Active Directory updates the cached credentials in the users’ machines.
Supported VPN clients:
Windows Native VPN
Checkpoint EndPoint Connect
SonicWall Global VPN
If you have any queries regarding Custom VPN configuration, please contact firstname.lastname@example.org.
Fig 2: Image depicting the list of supported VPN clients.
Navigate to Configuration → Administrative Tools → GINA/Mac (Ctrl+Alt+Del).
Click Updating Cached Credentials over VPN.
Select Enable VPN settings.
Select the VPN Provider from the drop-down list.
Enter the VPN Server HostName/IP address and VPN Server port no in their respective fields.
Enter the location where the VPN client (Example: C:\Program Files (x86)\Fortinet\FortiClient) is installed on the users' machines.
For Custom VPN, macros (%username%, %password%, etc.) can be used in the VPN Connect/Disconnect Command. (Note: The syntax for the VPN Connect/Disconnect Command vary depending on the VPN provider used.)
connect -s adsspvpn -h %servername%:%portno% -u %username%:%password%