Resetting forgotten login passwords of domain users is a crucial bottleneck, which a help desk technician has to handle as a routine. A password reset ticket or a forgotten login password has to be addressed within minutes in-order to avoid employee downtime and productivity loss. It is estimated that atleast 40 percent help desk tickets are related to password resets and on an average each change password ticket is time consuming (about 20 minutes) thus prevents the helpdesk from focusing on more pressing issues.
A self service password reset solution that allows an end user to self reset his domain password in windows active directory remotely from a web browser without calling the helpdesk is an essential requirement. A self service password reset and management solution not only reduces the number of help desk password tickets but also enhances the productivity of an end user by averting unnecessary and prolonged waits.
With ADSelfService Plus, domain users can self reset their ldap active directory password securely with ease by answering a set of self configured validation questions. ADSelfService Plus further allows an Administrator to:
To bring about user self-password reset at the press of Ctrl+Alt+Del keys, ADSelfService Plus provides its administrators with the GINA/CP client software, an extension of MS GINA, which comes with the additional functionality of displaying Reset Password/Unlock Account button in the Winlogon ("Ctrl+Alt+Del") screen. For more details on GINA/CP client software, click on Managing Passwords Using ADSelfService Plus - GINA/Credential Provider
Deploying additional helpdesk employees though considered by most IT Managers / Administrators will address the ticket volumes for login password resets. In the long run, the costs to maintain additional workforce will exceed the return on investment, and the quality of work a helpdesk performs. ADSelfService Plus self service password management software provides an ever in demand solution where any domain user can reset his own password from a web-based console from a remote location in the LAN, the ldap password reset tool eliminates the need to call a help desk technician and in-turn the cost associated with it.
For any password self-service software, the foremost duty is to establish the identity of the user requesting password self-service. ADSelfService Plus employs two techniques in order to verify and establish the identity of a user:
In the first case, the user answers a set of predefined security questions and in the second method, the user has to successfully reproduce the verification code sent to his mobile or e-mail id to establish his identity. You can choose to exercise both these user identification methods for enhanced security. Learn more about the need and benefits of Identity Verification process.
Domain users are protected from destined/accidental reset of domain login passwords by other users when using the service. The self password reset software allows only those users who are enrolled in it by answering a set of hint question and answers and/or by entering their mobile number and e-mail id to perform a self password reset.
The simple enrollment process involves selecting preferred challenge questions from an available list of questions or adding self framed challenge questions like 'what is your mothers maiden name', 'what is the color of your car' or any other question which the domain user feels specific to him and will challenge any other unauthorized user from detecting his/her password identity. The answers provided to the questions at the time of enrollment by the end user are stored in ADSelfService Plus and are compared for verification of the end user at his next login. If a mismatch occurs the user is not permitted to perform self service password management functions and is prevented from logging in the web portal.
The Limits for the validation questionnaire include :
The limits are set by the administrator from the admin console of the self password reset software and notified to all users in the Windows Active Directory. The self service reset password management solution has a built in bulk emailing utility to notify all users present in the configured domain to enroll themselves. Any domain user can perform a password reset or account unlock once enrolled with the password reset tool by answering the validation questionnaire.
Administrators can also choose to enable SMS/E-mail verification code check. Enrollment is not required should you choose only SMS/E-mail verification code, as ADSelfService Plus automatically collects the required information (mobile number and e-mail id) of the user from Active Directory.
The above are few examples of the routine password queries that administrators and delegated help desks have to face which can be eliminated by using ADSelfService Plus - Self Service Reset Password Management Solution.
Schedule reports on soon to expire passwords and also notify users by email. ADSelfService Plus automatically emails users on the time of password expiry at regular time intervals as scheduled by the administrator from the admin console of the password reset software alerting users to reset login password. Alarming an end user well ahead of time on a soon to expire login password ensures that account lockouts are minimized to a bare minimum.
Synchronize Windows Active Directory password reset made using ADSelfService Plus across multiple platforms. When a user makes changes to his Windows Active Directory password using ADSelfService Plus, the changes are automatically reflected in other systems too. This way, users will only have one password to remember for all the systems they have access to, and you can ensure that the new Windows AD password set by the user is automatically updated across different platforms without any intervention from the user or administrator. Learn more about Password Synchronizer.
A self service password reset solution coupled with periodic notification on soon to expire passwords heightens the confidence of an administrator to set more complex password policies in the Active Directory. Setting complex password policies helps confirm to Audit requirements. More on active directory password compliance.
ADSelfService Plus with its advanced functionality allows an automatic reset of passwords at scheduled intervals of time if configured in the Admin Portal by the administrator. An automatic scheduled reset of password enables smooth and efficient password policy enforcement. More on automatic password reset.
Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console.
Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus!
Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.
Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more.
Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.