[web_stories_embed url=”https://www.protectimus.com/web-stories/authenticator/” title=”Authenticator Protectimus Smart OTP” poster=”https://www.protectimus.com/wp-content/uploads/2023/04/cropped-protectimus-smart-otp-authenticator-app.png” width=”360″ height=”600″ align=”none”]
- Changing the password in AD using the self-service portal works only via LDAPS (SSL) connection; it does not work via LDAP.
- The option to change passwords in AD using the self-service portal is available exclusively for users synchronized from AD; it is not applicable to DSPA users.
1. Update the Protectimus On-Premise Platform1.1. Before updating the platform, stop the platform in services.
1.2. Install the new version of the Protectimus On-Premise Platform, and when selecting a database, choose the one used in the old version of the Protectimus platform.
- Choose the necessary components.
- Click Next.
- Click Next.
- Use your username and password to log in to the PostgreSQL database you created during the first platform installation and click LogIn.
- Enter the name of the database you used in the old version of the Protectimus platform and click Select.
You can click the List button to see the list of available databases if you don’t remember the exact name of the necessary database.
- Preferably, use the same destination folder as previously.
- Once the platform is installed, you will see the changelog describing recent updates; close it.
- Then click OK to finish the installation.
2. Set Up the Protectimus User’s Self-Service Portal
- Open the Protectimus Platform, which is available at http://localhost:8080, and log in to your account. Then, go to the Resources tab, click on the resource name, and navigate to the Self-Service tab.
- If you haven’t enabled the Self-Service Portal for your users yet, click on Enable User’s Self-Service for your resource, and specify the address at which your users will access the Self-Service Portal.
- Now, choose the authentication methods your users will use to log into the Self-Service Portal and specify the actions that will be available to them.
All these access methods can be enabled simultaneously without conflicts. If both Federated Auth and Password Auth are enabled, users can log into the Self-Service Portal using either the AD password or the Platform password; both will be valid:
- Federated Auth: Users log into the Self-Service Portal using their password from Active Directory (AD). If enabled, setting the user’s password within the Protectimus Platform is not required.
- Auth via Security Questions: Users log into the Self-Service Portal by answering secret questions.
- Password Auth: Users log into the Self-Service Portal using the password set in the Users’ settings within the Protectimus Platform.
- Email Auth: Users log into the Self-Service Portal using a one-time code sent to the email specified in the Users’ settings within the Protectimus Platform.
- Password Policy: This feature allows you to set policies for users, enabling them to change/create a password themselves after logging into the Self-Service Portal.
- Change Federated Password: By enabling this feature, you grant users permission to change their AD password through the Self-Service Portal. To change the AD password, they will need to specify both the old and new AD passwords.
- Reset Federated Password: Enabling this feature grants users permission to reset the AD password through the Self-Service Portal, requiring only the specification of the new password.
3. Give Your Users Access to Protectimus User’s Self-Service PortalTo log into the Self-Service Portal, your users will need:
- Either a password or an email registered in the Protectimus platform.
Users with both a password and a registered email address will use the password. For those with only an email, a verification code will be sent to the registered email address. If necessary, you can add passwords or emails in User settings.
- The link specified when enabling the Self-Service Portal.
Users should follow this link, log into their Self-Service Portal account, and they will see the Change Federated Password button and any other activated buttons. Then they should click the respective button and follow the required sequence of steps to perform the chosen action.
- Changing the password in AD using the Self-Service Portal works only via LDAPS (SSL) connection; it does not work via LDAP.
- The option to change passwords in AD using the Self-Service Portal is available exclusively for users synchronized from AD; it is not applicable to DSPA users.