ADSelfService Plus is an integrated Active Directory tool that can help you drastically reduce password related help-desk calls with its self-service password management and single sign-on features. It is used for password expiration notifications, password policy enforcement, Active Directory 2FA, and much more.
The user-friendly interface helps domain users efficiently self-update personal details, self-service passwords on premises or remotely, and subscribe to mail groups in Microsoft Windows Active Directory. However, access to these self-service features needs to be highly secure, because unauthorized access could lead to sensitive data being exposed. ADSelfService Plus has your users' access covered with two levels of authentication during login.
ADSelfService Plus uses advanced authentication techniques to enforce two-factor authentication for Active Directory during:
Two-factor authentication solution (2FA) for Active Directory user accounts provides added security to users who log on to ADSelfService Plus. Each time users log on, they need to enter the Active Directory domain credentials, which is followed by a verification process. The secondary authentication happens via codes sent through SMS or email, biometrics fingerprint, Duo Security, or RSA SecurID. This ensures that there is no threat to user information, even if someone manages to discover their password.
When this authentication method is enabled, users are required to verify their identity by answering the questions they previously responded to.
When enabled, the SMS and email-based verification method sends a code to the user's phone or email address. The user must enter the uniquely generated code in order to successfully log in each time.
Duo Security is a two-factor authentication service. If you have Duo Security enabled, your identity is verified through a verification code, by call or push notification, from the Duo mobile app.
RSA SecurID is an authentication service in which a one-time passcode is generated in either the RSA mobile app, hardware token, or RSA authentication manager. Users can deploy the unique passcode to prove their identity and securely log in to ADSelfService Plus.
With RADIUS Authentication, users can verify their identity using their RADIUS password which will in turn facilitate a smooth and secure access to their ADSelfService Plus portal.
When Google Authenticator is enabled, the user is required to open the app and enter the code displayed in Google Authenticator to verify their identity.
With push notifications enabled, users will get a login request sent to the ADSelfService Plus mobile app on their registered mobile device. They can either approve the authentication request or press deny to reject unexpected requests.
With Fingerprint authentication enabled, the user can use their registered mobile device with a fingerprint sensor to prove their identity.
By enabling Face ID authentication, the user can use the face recognition system in their registered device for identity verification.
Users simply need to scan the QR code displayed on their ADSelfService Plus web portal from their registered mobile device to prove their identity.
Users have to enter the 6-digit passcode during the authentication process within a specific amount of time to complete their identity verification.
When this method is enabled, the security questions are linked to an AD attribute, and users are successfully authenticated when their answers match that specific attribute value.
When Microsoft Authenticator is enabled, the user is required to open the app and enter the code displayed in Microsoft Authenticator to prove their identity.
ADSelfService Plus supports Yubikey, an authentication device that identifies itself as a keyboard and delivers the one-time password over the USB HID protocol. Once enrolled, users can use Yubikey to prove their identity.
When SAML Authentication is enabled, the user is required to authenticate with the chosen identity provider (IdP) to prove their identity.
With Zoho OneAuth TOTP enabled, the user is required to open the Zoho OneAuth app and enter the 6-digit one time passcode to prove their identity.
Users simply need to enter the one time passcode from the configured custom TOTP application to prove their identity.
When this method is enabled, a pop-up with a list of certificates to choose from appears in the browser. The chosen certificate is then matched with the userCertificate value in Active Directory for identity verification.
Your download is in progress and it will be completed in just a few seconds!
If you face any issues, download manually here
Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console.
Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus!
Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.
Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more.
Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.