Specops Password Sync Server service uses a self-signed certificate to encrypt traffic sent to it by the Password Sync Notifier Filter Service on your domain controllers. This certificate should be renewed prior to expiration in order to prevent communication... Read More
Scheduling Password Policy Daily User Counting
Note: This article applies only to Password Policy version 7.6 or later The Specops Sentinel Service installed on the domain controller holding the PDC emulator role will run a daily task that performs the following operations: Updating the count... Read More
Delegate Access to Manage Specops Password Policy
By default Password Policy configuration is allowed only by domain admin and other high-privilege AD user accounts. This article details the steps required to delegate management of Specops Password Policy to non-admin users. Active Directory System Settings Containers Global... Read More
Specops Authentication Client Support for Active Directory Fine Grained Password Policies
Beginning with version 7.15, the Specops Authentication client supports dynamic feedback during CTRL+ALT+DEL password changes. Users are presented with real time feedback on the password policy requirements for both Specops Password Policy policies and for native Active Directory password... Read More
Using Major League Baseball team names as passwords is a homerun for hackers
The Cincinnati Reds, America’s oldest baseball team, may have one of Major League Baseball’s (MLB) worst pre-season odds to win the World Series, but the team sits alone in first place on Specops’ breached password list. This is according... Read More
Enabling Email Notifications from Specops Authentication
Email notifications sent from the Specops Authentication platform (uReset, Secure Service Desk, Key Recovery) must be sent from an email address in the customer domain. Allowed Domains The sender address must be from an email domain associated with your... Read More
Enabling uReset Password Reset for Active Directory Admin Accounts
The Specops Authentication Gatekeeper Server responsible for writing enrollment information and resetting passwords in AD runs as a low-privilege service account. By default it will not have reset passwords for admin accounts in Active Directory protected by adminSDHolder. For... Read More
Error Saving Identity Service Configuration
When configuring third party identity services (e.g. Duo, Okta, Verify, PingID, Symantec VIP) you may encounter an error after saving the configuration in the Identity Services section of the Specops Authentication Admin Web That shouldn’t happenSomething went wrong, an... Read More
Enabling the Logon Tile for Password Reset
This article will review how to replace the Reset Password link below the password field with a separate user logon tile that launches the password reset page. These steps will work with the Specops Authentication client for both uReset... Read More
Update Certificate Pinning for uReset 7.12 And Earlier (Feb 2021)
On February 2, 2021 at 15:00 GMT Specops will need to renew/replace the certificate for www.ureset.com. Due to the way the uReset 7 Gatekeeper has implemented certificate pinning, customers will need to update pinning information in the registry in... Read More