RESET AND UNLOCK:

 

The Reset & Unlock tab provides you with the following features:

Unlock Account During Password Reset

 

Selecting this option would automatically unlock 'the locked-down user accounts'.This event takes place simultaneously as the end-users perform the 'Password Reset' task.

 

Upon Password Reset,Force Users To Change Password At Next Logon

 

This option,when selected,would force the end-users to 'change their passwords' as they try to login to ADSelfService Plus after undertaking the 'Password Reset' operation.

 

Password Reset/Unlock Account Session Should Last For _ Mins

 

You - the admin- are provided with the rights to 'configure the time period' for the 'Password Reset/Unlock Account' sessions.

 

Enable Password Strength Analyzer

 

As the name suggests,this option,when selected,will enable the 'Password Strength Analyzer' feature.

 

Password Strength Analyzer: A feature that assists the end-users to view the strength of the password as they configure the same. Enabling the 'Password Strength Analyzer' would bring to light, 'a set of standards' that can be imposed onto the passwords that the end-users configure.

 

The various standards listed under the this feature are: Provide a check against "Enforce Password Strength Level"  to enforce desired Password Strength.

  • Strong
  • Good
  • Weak
  • Too Short

'Strong' & 'Good' are the two ideal standards that can be imposed onto the passwords that the end-users configure..



Text/Mail Auto Generated Password to End-User

 

You have to enable this checkbox in order to dispatch the newly created passwords to the end-user accounts. Passwords will be automatically generated based on the custom password policy you have configured in ADSelfService Plus. If the auto-generated password fails to comply with the domain password policy, then the user will be redirected to the password reset page to manually reset the password.

 

Display "Select Mobile no/ Email address" message in the mail/mobile drop-down list

 

Upon selecting this option, users will see a "Show Mobile no/ Email address" default message in the mail/mobile drop down box while selecting where they want to receive the verification codes during login and while performing password self-service operations.

 

Partially hide Email Id/Mobile number on "Verification Code" page

 

Select this option if you want to hide users' mobile number and email ID to be hidden partially when they choose verification code method.

 

Prevent a user from using 'Copy & Paste' in the password fields

 

Selecting this option would prevent users from copying texts and pasting it in the password field during password reset or change password. This setting when enabled will force users to type the passwords manually.

 

Allow users to retry reset without going through ID verification again

 

Selecting this option will allow users to retry password reset without having to go through the identity verification process again. For example, if a user enters a password that does not comply with the domain password policy requirements during password reset, the user can retry and directly enter a new password without having to go through the identity verification process again.

 

Enforce Active Directory password history settings during password reset

 

By selecting this option, you can prevent the user from using their previously set passwords during reset. The Active Directory history rule will be enforced and the user will not be able to override it. It will unlock the user account if it is locked.


Checking "password history settings" during a password reset is impossible due to Active Directory's design. The product attempts to collect old password from users who can remember them or assigns a temporary password for them. It then changes the password to the New Password keyed in by the user after checking the new password with the password history settings.


Note:

  • To make this feature work, the flag User Cannot Change Password should be disabled.
  • Since the product assigns a temporary password before resetting the password, the temporary password occupies one position of the password history. If you wish to enforce password history without the changed password taking up a spot, use the Password policy Enforcer

 

 

Copyright © 2019, ZOHO Corp. All Rights Reserved.
ManageEngine