0 votes

We have a few password self-service policies mostly using the Microsoft Authenticator app but certain users need to use Questions instead. We have a single user that, in the admin console, appears to have the correct password self-service policy.

image.png

But when they sign in to the self-service portal to enroll, it is showing a different policy applying asking her to enroll using the Authenticator app.

image.png

I have tried resetting her account even though it shows that she is not enrolled with no luck. I have also had her use private or incognito mode to make sure it is not a cache issue. Your help is greatly appreciated!

by (2.3k points)

2 Answers

0 votes
by (2.3k points)
Best answer

We set the policy to force enrollment and that seems to clear whatever it was holding onto so the user could enroll in the new policy.

0 votes
by (216k points)

Hello Mark,

Could you, please, confirm that the account whose credentials were specified for logon to the Self-Service Web Interface is the same one the look up for policy in Adaxes Administration Console was performed for? If it is, please, post here or send us (support[at]adaxes.com) a screenshot of the Authentication tab of the No cell phone password self-service policy. We need something like the following: image.png

0

I have confirmed the same account is being used. Here is a screenshot of the policy:

image.png

0

Hello Mark,

Thank you for the provided details. Does the issue persist when you logon with the user credentials from another computer? If it does, please, describe the operations that the user performs to get to the Selbstandiges Kennword-Zurucksetzen wizard step by step and send us (support[at]adaxes.com) the screenshots of each step.

Related questions

0 votes
1 answer

This may be a dumb question, but If a user is enrolled in the Self Service password reset under a policy applied to a specific OU, what happens when the user is moved ... policy? Are they prevented from using the service at all or simply not allowed to enroll?

asked May 27, 2016 by johnsonua (390 points)
0 votes
1 answer

Hi there, we are already successfully using the password self service via webinterface for our ad domain users. In addition to this are we in the testing phase of the password ... has the same problem and maybe can report how they solved it. Thanks in advance.

asked Oct 27, 2021 by khess (20 points)
0 votes
1 answer

I see the script for generating a report of users enrolled, but what I'd like to do is run a script that can populate a user attribute with Yes/No or True/False if they are or are not enrolled. Is there an existing script that accomplishes this? Thanks

asked 3 days ago by msheppard (470 points)
0 votes
1 answer

Hi, is there a way to manually unblock a user from Password Self-Service in case he entered his/her answers incorrectly and can't wait the predefined time until he gets automatically unblocked? Regards Ingemar

asked Dec 5, 2013 by ijacob (960 points)
0 votes
1 answer

We need to know specifically for self service password management what level of access in AD do I specifically need.

asked May 9 by justinspring (20 points)
3,548 questions
3,238 answers
8,232 comments
547,810 users