Configure OS integration
With Adaxes, users can reset their forgotten passwords and unlock accounts in Active Directory directly from the computer login and lock screens. Moreover, self-service password reset is possible on computers that are not connected to a domain controller or with no network access at all. In this case, Adaxes updates the local credentials cache making it possible to login with the new password immediately.
To use these features, install Adaxes self-service client on the computers where these features should be available, and configure it. For more details, see the Self-service client installation guide.
Third-party integration
The self-service client on Windows can integrate with third-party credential providers that support wrapping. This allows you to combine the functionality of two credential providers on the same Windows logon tile. For example, you can enforce the MFA authentication requirement of Duo and still be able to reset passwords via the Adaxes self-service client.
To integrate with a third-party credential provider:
-
Launch Adaxes administration console.
How
-
On the computer where Adaxes administration console is installed, open Windows Start menu.
-
Click Adaxes Administration Console.
-
-
In the Console Tree, expand the Adaxes service node (the
icon represents service nodes). -
Expand Configuration / Password Self-Service and select OS Integration.
-
In the Result Pane on the right, click More options.
-
On the Integration tab, enable the Integrate with checkbox and select the credential provider you want to integrate with.
Adaxes works with Duo Authentication for Windows Logon and PingID for Windows Login out of the box.
If you selected Other, you might need to whitelist the Adaxes self-service client GUID in the settings of your credential provider. Refer to the third-party vendor documentation for details on how to do it. The Adaxes self-service client GUID is
{FBB91FEC-A651-4A42-BEA4-6B78EB772FFA}. -
Click OK, and then click Save.