Knowledge Base

Our dedicated Product Specialist team is always ready to help you when you need it the most. Contact Support

Specops uReset (8.0 and later)

Enrolling Admin Accounts and Troubleshooting AD Permissions Issues Affecting Enrollment

When a user is enrolling in uReset or Specops Authentication, they might receive one of the following error messages: Your organization’s server is not configured properly to access your account Unable to write enrollment data due to your account being a member of an elevated group. When this happens, this indicates the Specops Authentication Gatekeeper...

Unable to Delete Users with Leaf Objects

Specops Password Policy, Password Reset, and uReset/Specops Authentication all use leaf objects under user accounts for the purposes of storing user specific information — for Password Policy this includes password history and length-based password age information; for Password Reset and uReset/Specops Authentication the leaf object contains user enrollment data. The advantage of using a leaf...

Enabling uReset for Off-Network Clients

In this article we will review the steps required for enabling domain-joined Windows clients with the Specops Authentication Client to use uReset from the Windows login screen. These steps are not always needed, but are recommended for clients that do not frequently connect to the corporate LAN or VPN. Identify Enroll and Reset URLs Launch...

Specops Is Not Accurately Displaying my Domain Password Policy or Fine-Grained Password Policy

In Specops Password policy administrative tools or in Specops uReset/Password Reset you may find that the displayed password policy rules from Active Directory do not appear accurate. All Specops password products respect both the default and fine-grained password policies as configured in Active Directory and are displayed by reading the relevant configuration attributes directly from...

Moving Specops Authentication Mobile Numbers to a Custom Attribute

By default, when a user is enrolled in the mobile code (SMS) identity service, the mobile number entered by the user is stored in the mobile attribute on the user’s account in AD.  In some organizations this may not be ideal, as the phone number becomes visible to users in the other applications (e.g. Exchange/Office...

Wrapping Custom Credential Provider using the Registry

While we recommend using the client ADMX template, often for testing or remote users we must create the registry keys that the ADMX would create through some other means. For specifying which credential provider to wrap, create the following string value in the registry: Change the GUID value to the appropriate GUID for the credential...

Wrapping Third Party Credential Providers

The Specops Authentication client operates as a Windows credential provider in order to enhance the user experience when using Specops products from AD-joined Windows workstations. For Specops Password Policy this means improving the user feedback during a CTRL+ALT+DEL password change. For Specops uReset and Password Reset customers, our client provides a link for the user...

Upgrading Specops Authentication Gatekeepers on Server Core

For servers with Desktop Experience, the Gatekeeper can be upgraded directly within the Gatekeeper admin tool. For Server Core server editions (or if you prefer to automate upgrades on any edition of Windows), the upgrade can also be done in PowerShell using the following script:

Error Saving Identity Service Configuration

When configuring third party identity services (e.g. Duo, Okta, Verify, PingID, Symantec VIP) you may encounter an error after saving the configuration in the Identity Services section of the Specops Authentication Admin Web That shouldn’t happenSomething went wrong, an unexpected error occurred on your organization’s server. If you check the Specops event log under Applications...

How to Configure a Firewall for Specops Authentication

Specops Authentication is the hybrid cloud platform which is the foundation for uReset, Secure Service Desk, and Key Recovery. This article will detail network requirements for connecting to the Specops cloud. Gatekeeper Servers The Gatekeeper server enables connections to your on-prem Active Directory servers by establishing an outbound TLS-encrypted connection initiated from your internal network....
Next Page »