Knowledge Base

Our dedicated Product Specialist team is always ready to help you when you need it the most. Contact Support

Specops uReset (8.0 and later)

Enrolling Admin Accounts and Troubleshooting AD Permissions Issues Affecting Enrollment

When a user is enrolling in uReset or Specops Authentication, they might receive one of the following error messages: Your organization’s server is not configured properly to access your account Unable to write enrollment data due to your account being a member of an elevated group. When this happens, this indicates the Specops Authentication Gatekeeper...

Unable to Delete Users with Leaf Objects

Specops Password Policy, Password Reset, and uReset/Specops Authentication all use leaf objects under user accounts for the purposes of storing user specific information — for Password Policy this includes password history and length-based password age information; for Password Reset and uReset/Specops Authentication the leaf object contains user enrollment data. The advantage of using a leaf...

Enabling uReset for Off-Network Clients

In this article we will review the steps required for enabling domain-joined Windows clients with the Specops Authentication Client to use uReset from the Windows login screen. These steps are not always needed, but are recommended for clients that do not frequently connect to the corporate LAN or VPN. If this is not done, you...

Enabling Email Notifications from Specops Authentication

Email notifications sent from the Specops Authentication platform (uReset, Secure Service Desk, Key Recovery) must be sent from an email address in the customer domain or if you use your own SMTP settings, you are only limited by what addresses your SMTP server can send to. Custom SMTP settings – use your own email provider...

Specops Is Not Accurately Displaying my Domain Password Policy or Fine-Grained Password Policy

In Specops Password policy administrative tools or in Specops uReset/Password Reset you may find that the displayed password policy rules from Active Directory do not appear accurate. All Specops password products respect both the default and fine-grained password policies as configured in Active Directory and are displayed by reading the relevant configuration attributes directly from...

Moving Specops Authentication Mobile Numbers to a Custom Attribute

By default, when a user is enrolled in the mobile code (SMS) identity service, the mobile number entered by the user is stored in the mobile attribute on the user’s account in AD.  In some organizations this may not be ideal, as the phone number becomes visible to users in the other applications (e.g. Exchange/Office...

How to Configure a Firewall for Specops Authentication

Specops Authentication is the hybrid cloud platform which is the foundation for uReset, Secure Service Desk, and Key Recovery. This article will detail network requirements for connecting to the Specops cloud. Gatekeeper Servers The Gatekeeper server enables connections to your on-prem Active Directory servers by establishing an outbound TLS-encrypted connection initiated from your internal network....

Error Saving Identity Service Configuration

When configuring third party identity services (e.g. Duo, Okta, Verify, PingID, Symantec VIP) you may encounter an error after saving the configuration in the Identity Services section of the Specops Authentication Admin Web That shouldn’t happenSomething went wrong, an unexpected error occurred on your organization’s server. If you check the Specops event log under Applications...

Enabling uReset Password Reset for Active Directory Admin Accounts

The Specops Authentication Gatekeeper Server responsible for writing enrollment information and resetting passwords in AD runs as a low-privilege service account. By default it will not have reset passwords for admin accounts in Active Directory protected by adminSDHolder. For issues with during enrollment see the following knowledge base article: https://specopssoft.com/knowledge-base/specops-ureset-8/enrolling-admin-accounts-troubleshooting-ad-permissions-issues-affecting-enrollment/ If you have already completed...

Specops Authentication Configuration Hardening Guide

Specops Authentication services (uReset, Secure Service Desk, Key Recovery) run on public cloud infrastructure and by default are accessible from anywhere on the internet. We offer several features that can enable admins to restrict access to certain features of the application in order to minimize the attack surface for brute force or passwords spray attacks...
Next Page »