Pricing  Get Quote


ADSelfService Plus in action

How to reset passwords in Linux OS with ADSelfService Plus

IT admins are equipped to deal with much more than simple password reset calls from frustrated employees. However, when there's a huge spike in calls to unlock user accounts or reset passwords, the admin productivity is hindered and they're forced to deal with redundant tickets. Wouldn't it be great if they could simply enable users to reset their passwords on their own and unlock their accounts from their login screens?

Self-service password reset (SSPR)

With ADSelfService Plus, users can reset their passwords from:

  1. The logon screens of their Windows, Linux, or macOS machines.
  2. Web browsers by accessing the ADSelfService Plus portal, which can be configured to be accessed through all major web browsers.
  3. Their mobile devices by accessing the ADSelfService Plus iOS or Android mobile app or mobile site.
  4. Their private networks, even remotely. Furthermore resetting their passwords, ADSelfService Plus also lets users update their cached credentials.

Password self-service from the Linux login screen

IT administrators can enable users to reset their Active Directory (AD) domain passwords from the login screen of Linux OS using ADSelfService Plus.

ADSelfService Plus: The right password reset software for Linux

  1. ADSelfService Plus places a Reset Password/Unlock Account link (also called the logon agent) on the login screen of Linux OS machines.

  2. Clicking this link will open the password reset portal. Users are required to prove their identity through any of the enforced authentication methods, like SMS-based one-time passwords (OTPs), email-based OTPs, Google Authenticator, DUO Security, and RSA SecurID.



    1. Users must be enrolled in ADSelfService Plus to use the self-service password reset and self-service account unlock capabilities.
    2. Enrollment is a one-time process where users enter their mobile number and email address, set answers to security questions, and provide other details in ADSelfService Plus in order to register for self-service password management. Learn how to enroll users.
  3. Once the user’s identity is successfully verified, they will be allowed to reset their forgotten AD domain passwords.

    Tip: Improve password security. Do you think users are employing weak passwords to secure their Linux machines? Help them create strong user passwords with the Password Policy Enforcer.

Installing the ADSelfService Plus logon agent on users' machines

Before users can reset from their Linux login screen, admins have to deploy the logon agent on the users’ machines in the following ways:

  1. 1. Installation from the ADSelfService Plus admin console:
    1. Download and install ADSelfService Plus.
    2. Navigate to the Configuration tab → Administrative ToolsGINA/Mac/Linux.
    3. Click GINA/Mac/Linux Installation.
    4. In the New Installation section, choose the required Domain from the drop-down.
    5. Click Add OUs to select the OUs for which the logon agent must be installed. Click Get Computers.
    6. Now, select the computers to which the logon agent needs to be pushed.

    7. Click Install.
  2. 2. Manual installation
    1. Copy the, ‌ADSSPLinuxClient.tar.gz from this folder: <Install Directory>\bin (Default location: C:\Program Files\ManageEngine\ADSelfService Plus\bin).

      Note: You need to copy the TAR file based on the client OS architecture. There will be two TAR files:

      1. ADSSPLinuxClient.tar.gz for i686 clients (32-bit).
      2. ADSSPLinuxClient64.tar.gz for x86-64 clients (64-bit).
    2. Paste the copied files in the Home folder of the Linux machine.
    3. Launch the Linux terminal and execute the following commands:
      sed -i 's/\r$//'
      sudo bash -install -serverName <adssp-server/IP> -portNumber <adssp-server-port> -protocol <adssp-server-protocol>


      1. serverName = The name of the machine in which ADSelfService Plus is deployed.
      2. portNumber = The port number using which ADSelfService Plus is running.
      3. protocol = The protocol with which ADSelfService Plus is running (http or https).

Self-service Password Reset from Linux login screen for local/remote users.

  • Please enter a business email id
    By clicking 'Get Your Free Trial', you agree to processing of personal data according to the Privacy Policy.


Your download is in progress and it will be completed in just a few seconds!
If you face any issues, download manually here


See this feature inaction now!

By clicking 'Talk to an expert', you agree to processing of personal data according to the Privacy Policy.

ADSelfService Plus trusted by

Embark on a journey towards identity security and Zero Trust
Email Download Link