> How to Change Passwords in Ad Through the Protectimus Self-Service Portal
How to Change Passwords in Ad Through the Protectimus Self-Service Portal
IMPORTANT NOTE:
- Changing the password in AD using the self-service portal works only via LDAPS (SSL) connection; it does not work via LDAP.
- The option to change passwords in AD using the self-service portal is available exclusively for users synchronized from AD; it is not applicable to DSPA users.
1. Update the Protectimus On-Premise Platform
You can update the Protectimus On-Premise Platform using a Docker image on any operating system.However, if you initially installed the Platform on Windows, you may follow the instructions for Windows users below.
1.1. Updating Platform Using a Docker Image
You have two options for updating the Protectimus On-Premise Platform with a Docker image: We’ll walk you through both methods, allowing you to choose the one that best suits your preferences.1.1.1. Updating via Git Repository Cloning
- Use this command to copy the repository containing Docker Compose files to your local computer, where the Protectimus On-Premise Platform is installed.
git clone https://github.com/protectimus/platform
The contents of the archive will be as follows:
. └── platform ├── platform │ ├── docker-compose.yaml │ ├── .env │ ├── platform_data │ │ ├── autogenerated-keystore.jks │ │ └── protectimus.platform.properties │ └── postgres_data ├── radius │ ├── config │ │ ├── radius.all.yml │ │ └── radius.yml │ ├── docker-compose.yaml │ └── .env └── unifi-guest-portal ├── config │ ├── fragments.html │ ├── guest-portal.all.yml │ └── guest-portal.yml ├── docker-compose.yaml └── .env
- Go to the platform directory:
cd platform/platform
- Run the application using Docker Compose.
This command will start all the containers required for your application in the background (-d):
docker-compose up -d
- Stop running containers using this command:
docker-compose down
- Make a backup of your database. The data is located in the postgres_data directory.
- Get latest changes from Git repository.
This command will update your local repository to the latest version that you have uploaded to Git.
Resolve any configuration conflicts if necessary.
git pull
- Download the updated images. This command will download the updated Docker images from your Docker registry:
docker-compose pull
- Restart containers with new images.
This command will restart the containers using the updated images in the background mode (-d):
docker-compose up -d
1.1.2. Manual Update from Github
- Download the latest version of the archive with the Protectimus Platform from Github and extract it:
https://github.com/protectimus/platform/releases
The contents of the archive will be as follows:
. └── platform ├── platform │ ├── docker-compose.yaml │ ├── .env │ ├── platform_data │ │ ├── autogenerated-keystore.jks │ │ └── protectimus.platform.properties │ └── postgres_data ├── radius │ ├── config │ │ ├── radius.all.yml │ │ └── radius.yml │ ├── docker-compose.yaml │ └── .env └── unifi-guest-portal ├── config │ ├── fragments.html │ ├── guest-portal.all.yml │ └── guest-portal.yml ├── docker-compose.yaml └── .env
- Go to the platform directory:
cd platform/platform
- Run the application using Docker Compose.
This command will start all the containers required for your application in the background (-d):
docker-compose up -d
- Stop running containers using this command:
docker-compose down
- Make a backup of your database. The data is located in the postgres_data directory.
- Change the component version to the latest in the .env file.
- Download the updated images. This command will download the updated Docker images from your Docker registry:
docker-compose pull
- Restart containers with new images.
This command will restart the containers using the updated images in the background mode (-d):
docker-compose up -d
1.2. Updating Platform on Windows
1.2.1. Before updating the platform, stop the platform in services.1.2.2. Install the new version of the Protectimus On-Premise Platform, and when selecting a database, choose the one used in the old version of the Protectimus platform.
- Choose the necessary components.
- Click Next.
- Click Next.
- Use your username and password to log in to the PostgreSQL database you created during the first platform installation and click LogIn.
- Enter the name of the database you used in the old version of the Protectimus platform and click Select.
You can click the List button to see the list of available databases if you don’t remember the exact name of the necessary database.
- Preferably, use the same destination folder as previously.
- Once the platform is installed, you will see the changelog describing recent updates; close it.
- Then click OK to finish the installation.
2. Set Up the Protectimus User’s Self-Service Portal
- Open the Protectimus Platform, which is available at http://localhost:8080, and log in to your account. Then, go to the Resources tab, click on the resource name, and navigate to the Self-Service tab.
- If you haven’t enabled the Self-Service Portal for your users yet, click on Enable User’s Self-Service for your resource, and specify the address at which your users will access the Self-Service Portal.
- Now, choose the authentication methods your users will use to log into the Self-Service Portal and specify the actions that will be available to them.
All these access methods can be enabled simultaneously without conflicts. If both Federated Auth and Password Auth are enabled, users can log into the Self-Service Portal using either the AD password or the Platform password; both will be valid:- Federated Auth: Users log into the Self-Service Portal using their password from Active Directory (AD). If enabled, setting the user’s password within the Protectimus Platform is not required.
- Auth via Security Questions: Users log into the Self-Service Portal by answering secret questions.
- Password Auth: Users log into the Self-Service Portal using the password set in the Users’ settings within the Protectimus Platform.
- Email Auth: Users log into the Self-Service Portal using a one-time code sent to the email specified in the Users’ settings within the Protectimus Platform.
- Password Policy: This feature allows you to set policies for users, enabling them to change/create a password themselves after logging into the Self-Service Portal.
- Change Federated Password: By enabling this feature, you grant users permission to change their AD password through the Self-Service Portal. To change the AD password, they will need to specify both the old and new AD passwords.
- Reset Federated Password: Enabling this feature grants users permission to reset the AD password through the Self-Service Portal, requiring only the specification of the new password.
3. Give Your Users Access to Protectimus User’s Self-Service Portal
To log into the Self-Service Portal, your users will need:- Either a password or an email registered in the Protectimus platform.
Users with both a password and a registered email address will use the password. For those with only an email, a verification code will be sent to the registered email address. If necessary, you can add passwords or emails in User settings.
- The link specified when enabling the Self-Service Portal.
Users should follow this link, log into their Self-Service Portal account, and they will see the Change Federated Password button and any other activated buttons. Then they should click the respective button and follow the required sequence of steps to perform the chosen action.
NOTE:
- Changing the password in AD using the Self-Service Portal works only via LDAPS (SSL) connection; it does not work via LDAP.
- The option to change passwords in AD using the Self-Service Portal is available exclusively for users synchronized from AD; it is not applicable to DSPA users.
Last updated on 2024-03-28