Automatically block users, IP Addresses or Groups for a specified period of time where multiple incorrect password attempts occur; potentially preventing brute force attacks or compromised users from gaining unwanted or unauthorized access. You can also block users from logging into the solution within a specific timeframe. Unblock genuine users automatically after a certain period of time or manually to avoid unnecessary downtime and disruption.

Using our simple web-based interface, you can transfer control of tasks such as password resets, personal information updates and account lockout tasks to the end users. The solution also allows end users to authorize co-workers to reset passwords and perform account unlocks on their behalf. No longer will you have to manually handle such tasks. Increase your productivity through less downtime and more account control.

Our solution fully integrates with GINA/CP so your users can reset their passwords even when they are locked out. Our GINA integration can be deployed either through a bulk script via GPO, through local, direct installation or via an agent that can be automatically deployed from within the main console. Need more info? Click here to check how to deploy GINA in your domain.

Our web-based, intuitive dashboard helps you spot specific trends such as account lockouts, password resets, enrolment data, users not enrolled, overall activity over last seven days and user status. It’s an easy and visual way to keep tabs on your Active Directory identity management and to help spot potential abuse or issues.

Half of the battle you will face when it comes to identity management is keeping track of user password expiry. To address this, we provide you with a User Password Expiration Reminder solution, which is an integrated part of our Active Directory Self-Service solution (but also available standalone or as a part of our Lepide Data Security Platform). It allows you to send automated notification reminders to users when their passwords are due to expire.

We understand that allowing users to access and update their information in your Active Directory carries an element of risk. To address this, we provide you with the ability to lock down what the user can and can’t view/modify. We ensure they can only update the fields you specify. You can predefine within the solution whether the user has no access, read only or full control across any of the following Active Directory Attributes – general, contact and address. This solution also enables you to integrate your SSL certificate to ensure the entire process is secure and encrypted. It automatically redirects from HTTP to HTTPS when SSL security is enabled. We also provide session expiry to ensure only relevant, current requests are considered.

To help maintain identity integrity and identity management, we provide you with a few different methods of authentication, including the challenge response method where you can specify the number of pre-set questions and the number of characters in questions/answers to ensure maximum security. We also offer you strong authentication through OTP (one-time password), where the user is authenticated by an SMS or email verification process. You can easily define how you wish your users to authenticate through the main console

As an administrator, you may want to specify a policy which automatically unlocks all locked accounts at a particular point in time or on a specific schedule. Our solution provides this capability which is easily configurable through the intuitive management console.

When you first deploy this solution, it’s likely you will want to go through a process of bulk enrolment. To achieve this, you will need to get all the relevant enrolment details into a CSV file with the challenge/response information to import into the solution. From there we will automatically update and notify all the users of their enrolment along with instructions for use.

Rather than having to constantly check the console to make sure your users are behaving as they should, we ensure you get regular reports delivered straight to your inbox. These reports will show you details such as enrolment, self-service actions performed by users, password expiry and lockout details

Aside from allowing end users to perform self-service activities and update their Active Directory details, you can also allow them to delegate certain tasks to other authorized employees through our ‘Authorize co-worker’ feature. This allows the end user to specify account unlock and password reset tasks to others within the business. Users will also receive a notification whenever a password reset, or account unlock task is executed.

Lepide Active Directory Self Service not only allows end users to reset their AD account passwords, but also enables the synchronization of third party applications and the resetting of those particular passwords from the tool itself. Password synchronization is currently available for Office 365, IBM AS400 and Google Apps. Once administrators configure the account settings for these applications, users can reset their Office 365, IBM and/or Google Apps passwords by simply resetting their AD account password.