Post on 11-Apr-2017
transcript
Self-service password management and single sign-on for on-premises Active Directory and cloud applications
Harish SekarTechnical consultant, Active Directory Solutions
"Your password is like your toothbrush.Don't let anybody else use it, and get a new one every six months."
A wise man once said. . .
Agenda
Session 1: Modernize password self service with the latest authentication techniques
Session 2: Password expiration notification and Universal Password Policy Enforcer
Session 3: One Identity (Synchronize password changes + SSO)
Session 4: Ensure 100% enrollment for password self service
Session 1
● Implement enrollment-free password reset
• Use personal mobile number and email address for authentication ● Strengthen password reset through multi-factor authentication
• Security Q & A• Google Authenticator
Modernize password self service with the latest authentication techniques
Modernize password self service
• Two-factor authentication for access to ADSelfService Plus portal- Self update- Change password
ADSelfService Plus two-factor authentication
• Access for users on premise- Gina/MAC
• Access for remote users
• Web-based, not Microsoft GUI based- Allows for easier communication with user- Allows for user to reset password remotely
• Features include- Custom message- Message can include URL link- Administrative tools – Gina/MAC
End user password resetPassword Reset and Unlock
• Multiple notifications to users about password/account expiration
• Strong, custom password policy for native password changes done through ADUC console
Password expiration notification and Password Policy Enforcer
Session 2
Password expiration notification
Password Policy Enforcer
● Synchronize password changes in real time between AD and Office 365
• Self-reset Office 365 password without resetting AD password
● One-click access to SaaS apps through SSO
Real-time password change synchronization from AD to Office 365
Session 3
Password sync: one solution,multiple platforms!
● End-user enrollment reminders via email and push notifications
• Force enrollment when users logon to their computers
● Automatic user enrollment• CSV file • External data source
Ensure 100% enrollment for password self service
Session 4
Ensure 100% enrollment for password self service
Quick enrollment
How to access ADSelfService Plus
Questions are guaranteed in life. Answers? We'll get there!
Thank you!
hary@manageengine.com