Connection Settings

You can configure the SSL settings, access URL, proxy settings, port settings, and session time settings under Connection Settings.

How it works

ADSelfService Plus acts as a web application hosted on a Tomcat server. The Connection Settings page controls how this server communicates — both inbound (how users and agents reach the portal) and outbound (how ADSelfService Plus connects to external services like proxy servers). SSL settings secure these channels, while session and logging settings govern how user activity is tracked and managed.

Configuration steps

Connection Settings

1. Navigate to Admin → Product Settings → Connection and click the Connection Settings tab.
2. Under ADSelfService Plus Port, select HTTPS.
   Note: We strongly advise against choosing HTTP in a production environment. HTTP does not enforce SSL certificate validation and poses a significant security risk. Use HTTP only for testing purposes.
3. Set a port number of your choice, or retain the default.

If you selected HTTPS, continue with the following steps:

4. Click Apply SSL Certificate and follow the on-screen instructions to apply the SSL certificate.
5. Select Use LDAP SSL (LDAPS) to encrypt communication between Active Directory and ADSelfService Plus.
6. Select Encrypt keystore password and enter the keystore password. The password will be encrypted for better security.
   Note: Enabling this option replaces the value of the keystorePass property in server.xml with the macro ${adssp.keystorePass}.
7. Select the TLS Version and Cipher Suites from their respective drop-downs.
8. Click Save.

Proxy Settings

If your network routes outbound traffic through a proxy server, configure it here so ADSelfService Plus can communicate with external services.

1. Navigate to Admin → Product Settings → Connection and click the Proxy Settings tab.
2. Select Enable Proxy Server.
3. Enter the Server Name or IP and the Port number of the proxy server.
4. Enter the Username and Password for proxy authentication.
5. Click Save.

General Settings

General Settings houses controls for managing user sessions and configuring startup and logging behavior for the ADSelfService Plus server. Configure these settings to balance security and user convenience, and to ensure the product starts and logs activity in a way that suits your organization's needs.

Session Settings

• Session Expiry Time controls how long a user's ADSelfService Plus session can remain idle before it is automatically terminated. You can set this to any value between 10 minutes and Never expires.
  Note: Changes to session settings take effect only after the ADSelfService Plus server is restarted.

  To set the session expiration time:

  1. Navigate to Admin → Product Settings → Connection → General Settings.
  2. Select the desired timeout from the Session Expiration Time drop-down.
  3. Click Save Settings.
• Deny Concurrent Logins prevents users from maintaining simultaneous active sessions across multiple browsers or the mobile app. When enabled, a user who attempts to log in while another session is already active will be blocked until the existing session is terminated or expires.

  To enable this setting:

  1. Navigate to Admin → Product Settings → Connection → General Settings.
  2. Select the Deny Concurrent Logins checkbox.
  3. Click Save Settings.
• Clearing idle sessions: If a user closes their browser without logging out, their session remains active, preventing them from logging back in until it expires. As an admin, you can manually clear all idle sessions without affecting users who are currently active.

  

  To terminate idle sessions:

  1. Navigate to Admin → Product Settings → Connection → General Settings.
  2. Select the Deny Concurrent Logins checkbox.
  3. Click the Click here link that appears to reset the session status of all users.
  4. Click Yes in the confirmation pop-up.

Startup & Logging Settings

• Current Log Level: Select Normal Mode for standard logging, or Debug Mode for detailed diagnostic information.
• Retain Logs for ___ Days: Specify how many days to keep log files. Files older than the set value are automatically deleted. Default: 365 days. If disabled, logs are retained indefinitely.
• Enable Session Tracking: Enables monitoring of user sessions for in-depth debugging.
• Launch ADSelfService Plus Client upon Successful Startup: The ADSelfService Plus web application launches automatically when the user logs into their machine.
• Start the Product Automatically on Windows Startup: ADSelfService Plus starts automatically as a Windows service on system startup. Applicable only when ADSelfService Plus is installed as a Windows service.

Once you have configured the required settings, click Save Settings. Changes take effect after ADSelfService Plus is restarted.

Tips

The resources linked below cover common deployment scenarios, security best practices, and troubleshooting guidance related to connection settings.

• Securing ADSelfService Plus over the internet with a reverse proxy
• Securing ADSelfService Plus with a reverse proxy using ManageEngine AD360
• Securing ADSelfService Plus with a reverse proxy using IIS
• Securing ADSelfService Plus with a reverse proxy using Apache HTTP server
• Post-deployment security measures for ADSelfService Plus
• How to apply an SSL certificate in ADSelfService Plus