AD Self Password Management

IT research shows that almost 30% of an administrator's time is spent resetting employee passwords and unlocking the locked out accounts. And the task of resetting forgotten passwords needs to be completed on priority basis because it directly accounts to loss of productivity. Therefore, to avoid such downtime and resource loss, the task of resetting forgotten passwords becomes a bottleneck for an administrator.

To bypass this bottleneck, every organization must implement a self-password reset solution that helps the employees to reset their passwords on their own. This means, the employees do not need to raise a password reset ticket and wait for the admin to reset the password. Let us see the below given figure to understand the importance of the self-password reset solution:

Lepide Active Directory Self Service (LADSS) helps increasing employee productivity, reducing admin workload and increasing ROI by enabling the employees to reset their passwords by themselves. With LADSS, any employee can reset his/her password directly from his/her own login screen or using a web browser in just three steps:

Lepide Active Directory Self Service (LADSS) helps increasing employees' productivity, reducing admin workload, and increasing ROI by enabling the employees to reset their passwords by themselves. With LADSS, any employee can reset his / her password using the web browser in just four steps and in just few moments:

LADSS reduces the help desk workload by empowering the administrator and end-users with the facility to:

• Authorize all domain users to reset their password from any remote computer through Web interface.
• Enables administrator to apply default policy for the entire domain.
• Empowers the end-users to select questions they are comfortable with and to type their own answers while enrolling in the software database.
• Empowers the end-users to select questions they are comfortable with and to type their own questions while enrolling in the software database.
• Ensure security by validating users' identity during password reset.
• Enables users to keep the old settings by selecting old database during software installation
• Minimize the helpdesk workload by enabling end-users to reset their password from any computer within LAN without taking any assistance from the help desk technician and without raising any ticket.
• Inform the administrator / help desk personnel about users whose password is going to be expired.

LADSS, furthermore, helps reducing / ending the list of reset password tickets. Following is the list of possible password reset tickets usually received by help desk professionals:

• I am not able to logon to my Windows XP account.
• Someone might have changed my password, as I am not able to login to my account. I want to reset my password.
• I forgot my account's password.
• I have changed my account's password with one of my colleague and now I want to change it. Kindly guide me how can I do this or please do it for me.

The employees raise these tickets after they have forgotten the password of their accounts. Using the LADSS - self-password reset software, the administrator no more need to deal with such tickets, as employees can reset their forgotten passwords on their own. However, for that, they have to register themselves in the software database.

Only those users, who are enrolled with LADSS - self-password reset software can reset domain password by answering a set of questions set by the system admin. This is how domain users are protected from accidental password reset by other users while utilizing this software.

User has to undergo a simple enrollment process in which s/he has to answer a set of questions. During the enrollment process, the user can set a list of questions which can be self-framed too if allowed for his/her domain by the system administrator. The answers to these questions are saved in the software database, which are later used for user's identity verification during the password reset.

In case of any mismatch, the user is denied to perform any operation in the web portal thereby not allowing him to change the password. While configuring the self-password reset policy, administrator can validate limits for the authorization quiz like the type of question and maximum & minimum characters for an answer.

This tool helps the administrators to notify the users about their passwords expiry; so that they can reset their passwords right on time before the password expires at scheduled interval as per the password reset management policy. Notifying the domain user beforehand helps minimizing the number of account lockouts to a significant amount. Furthermore, it helps reducing the employees' downtime and increasing productivity.

Increasing the number of help desk professionals is often related with balancing volumes of tickets for password resets. However, after some time, one may find these highly qualified professionals engaged in resetting passwords rather than focusing on more essential issues. Performing self-password reset reduces burden of resetting passwords from helpdesk professionals as well as minimizes the helpdesk costs, as users can themselves reset their password without involvement of administrator.

All these activities so performed by the software are regulated by the tough user validation policies that help to tighten the AD security, protect critical data, eliminate unregulated access to resources, reduce IT workload, and simplify self-service procedures.