Ensuring users can reset their passwords and unlock their accounts remotely
As many of you know, our ADSelfService Plus product allows employees to reset their forgotten passwords and to unlock their own user accounts. These features are wildly popular as organizations know that their employees are familiar with these actions with their Internet-based accounts. So, it only makes sense to bring these functions into the organization to support Active Directory user accounts, too.
We wanted to ensure that all organizations that have ADSelfService Plus aware of all of the options possible for users to perform these actions, whether they are on-premise or remote.
For on-premise, there are three options that can be provided to employees to reset their passwords or unlock their user accounts.
Option 1: Mobile application using their iPhone or Android phone, as shown in Figure 1. The mobile application can be downloaded using the App Store or Play Store.
Figure 1. ADSelfService Plus mobile app interface.
Option 2: The ADSelfService Plus portal using another computer on the network, where a user is logged on. Not the ideal solution, but one that is very common for existing customers. Since a user can quickly access the ADSelfService Plus portal, http://servername:8888, without needing to access any applications or files on the computer, this provides a quick and secure solution. The portal can be seen in Figure 2.
Figure 2. ADSelfService Plus portal using browser.
Option 3: The ADSelfService Plus GINA update provides access from the user’s desktop logon screen, as shown in Figure 3. This GINA update is pushed out from ADSelfService Plus quickly and efficiently. The GINA update allows a user to easily reset their password or unlock their user account without the need of any other device.
Figure 3. ADSelfService Plus GINA update.
For remote employees, ADSelfService Plus can also be utilized to reset passwords and unlock user accounts. Here, because the employee is not on the corporate network, additional options are available. The ADSelfService Plus mobile application from the on–premise option is still valid for remote employees. However, the GINA update and portal options need to be altered to allow access back to the ADSelfService Plus server. Since the GINA update and portal option are HTTP/HTTPS–based, the URL can be altered to provide access through the Internet back to the network. To see the complete list of steps for these options, please refer to this document.
Now, you have the solutions available to your employees when they need to reset their passwords or unlock their accounts using ADSelfService Plus. Giving employees options is always a good idea in order for them to choose the option works best for them. If you do not have ADSelfService Plus at this point and want to try it out, you can download it here.