Integration settings

ADSelfService Plus can be integrated with the following solutions:

  • ADManager Plus
  • ServiceDesk Plus
  • ServiceDesk Plus Cloud
  • Splunk Server
  • Syslog Server
  • Have I Been Pwned
  • Log360

ADSelfService Plus – ADManager Plus integration

ADManager Plus is a Windows Active Directory management and reporting solution that helps administrators simplify repetitive and complex AD tasks. When integrated with ADSelfService Plus, admins gain complete control over all self-service actions performed by users—choosing to monitor all users or only privileged ones. Self-service actions are updated in AD or Entra ID only after the admin approves them in ADManager Plus.

Integrating ADManager Plus with ADSelfService Plus

  1. Download and install ADManager Plus. Note the server name (or IP), port number, and protocol it uses.
  2. Log in to the ADSelfService Plus web console with admin credentials.
  3. Select the directory you want to integrate with: Active Directory or Microsoft Entra ID.
  4. Go to Admin > Product Settings > Integration Settings.
  5. Click the ADManager Plus product tile.
  6. In the Server Name or IP field, enter the name of the server where ADManager Plus is installed.
  7. Enter the Port Number used by ADManager Plus.
  8. From the Protocol drop-down list, select the protocol enabled in ADManager Plus (HTTP or HTTPS).
  9. Click Save.
integration settings screenshot 1

Fig.1: Integrating ADManager Plus with ADSelfService Plus.

ADSelfService Plus – ServiceDesk Plus integration

ServiceDesk Plus is a help desk software that provides IT request tracking, asset management, and change management in a single console. When integrated with ADSelfService Plus, an IT request is automatically created in ServiceDesk Plus for every self-service action a user performs. This enables admins to track user activity and follow up as needed. End users can also access the ServiceDesk Plus console in one click from ADSelfService Plus via SSO.

  1. Download and install ServiceDesk Plus.Generate an API key for a technician who has login permissions. You will enter this key during setup.
integration settings screenshot 2

Fig.2: Generating an API key in ServiceDesk Plus.

  1. Log in to the ADSelfService Plus web console with admin credentials.
  2. Select the directory you want to integrate with: Active Directory or Microsoft Entra ID.
  3. Navigate to Admin > Product Settings > Integration Settings.
  4. Click the ServiceDesk Plus tile.
  5. In the Server Name or IP field, enter the name of the server where ServiceDesk Plus is installed.
  6. Enter the Port Number used by ServiceDesk Plus.
  7. Enter the API Key generated in ServiceDesk Plus.
  8. Click Save.
integration settings screenshot 3

Fig.3: Integrating ServiceDesk Plus with ADSelfService Plus.

Step 2: Configure automatic ticket generation

  1. In the ADSelfService Plus web console, click the Configuration tab.
  2. Under Available Policies, click the Advanced Settings icon for the policy you want to edit.
  3. Navigate to the Notification tab and select Notify Admin/Manager.
  4. Check the Create request in ServiceDesk Plus box.
  5. Define the request attributes and enter them in JSON format. To find the available request attributes:
    • Log in to ServiceDesk Plus.
    • Go to Admin > Developer Space > API.
    • Click the Documentation link.
    • Click the Request tab. This page lists all available request attributes.
    • Click OK.
integration settings screenshot 4

Fig.4: Configuring ADSelfService Plus to automatically create a request in ServiceDesk Plus for each self-service action.

Help desk technicians can now track users’ self-service operations through the automatically created tickets in the Requests tab of ServiceDesk Plus.

integration settings screenshot 5

Fig.5: Requests raised automatically for self-service actions in ServiceDesk Plus.

Users can also access the ServiceDesk Plus portal directly from ADSelfService Plus by clicking the Helpdesk tab.

integration settings screenshot 6

Fig.6: ADSelfService Plus’ end-user portal after integrating with ServiceDesk Plus

ADSelfService Plus – ServiceDesk Plus Cloud integration

ServiceDesk Plus Cloud is a cloud-based IT help desk software offering request tracking, asset management, and change management in a single console. When integrated with ADSelfService Plus, a ticket is automatically generated in ServiceDesk Plus Cloud for every self-service action a user performs. End users can also leverage passwordless login and SSO to access the ServiceDesk Plus Cloud console directly from ADSelfService Plus.

Integrating ServiceDesk Plus Cloud with ADSelfService Plus

  1. Go to the Zoho API Console and log in with your Zoho account.
  2. In the Choose a Client Type window, select the Server-based Applications tile.
  3. In the Create New Client window, enter a Client Name.
  4. In the Homepage URL and Authorized Redirect URIs fields, enter the URL in this format: <product_access_url>/OAuthCallback. For example: https://selfservice:8888/OAuthCallback.
integration settings screenshot 7

Fig.7: Configuring a new client in the Zoho API Console.

  1. (Optional) Enable multi-data center (DC) support by selecting Use the same OAuth credentials for all data centers in the Settings section. By default, the client ID remains the same while the client secret differs per DC. Enabling this option allows the same client secret to be used across multiple domains.
Note: This option is not applicable for user accounts based in Chinese DCs.
integration settings screenshot 8

Fig.8: Enabling multi-data center support in the Zoho API Console.

  1. Copy the values of the Client ID and Client Secret from the Client Secret section.
  2. Log in to the ADSelfService Plus console with admin credentials.
  3. Select the directory you want to integrate with: Active Directory or Microsoft Entra ID.
  4. Navigate to Admin > Product Settings > Integration Settings.
  5. Click the ServiceDesk Plus Cloud tile.
  6. In the Client ID and Client Secret fields, paste the values copied in Step 6.
integration settings screenshot 9

Fig.9: Copying the Client ID and Client Secret for ADSelfService Plus integration.

  1. Click the Get Authorization Code link. You will be redirected to the Zoho Account login page.
  2. Authenticate using your ServiceDesk Plus Cloud technician account. Upon successful authentication, the Authorization Code will be filled in automatically.
  3. The default portal will be selected in the Portal field. To change the portal where tickets are created, click the Portal Settings drop-down and select the preferred portal.
  4. Click Save.
integration settings screenshot 10

Fig.10: Integrating ServiceDesk Plus Cloud with ADSelfService Plus.

ADSelfService Plus – Splunk Server integration

Splunk is a SIEM solution that provides real-time insights by processing large volumes of log data. It enables administrators to quickly search, report, and diagnose operational problems and security issues. When integrated with ADSelfService Plus, log data can be forwarded to the Splunk server for detailed auditing.

Prerequisites

Before configuring the integration in ADSelfService Plus, generate an HTTP Event Collector token in Splunk Enterprise:

  1. Log in to Splunk as an administrator.
  2. Navigate to Settings > Data Inputs > HTTP Event Collector.
  3. Click New Token.
  4. Specify a name for the token and retain the default values for all other fields.
  5. Click Save. The authentication token will be generated.

Integrating ADSelfService Plus with Splunk

  1. Log in to ADSelfService Plus as an administrator.
  2. Select the directory you want to integrate with: Active Directory or Microsoft Entra ID.
  3. Navigate to Admin > Product Settings > Integration Settings.
  4. Click the Splunk Server tile.
  5. Click Enable forwarding of logs to Splunk.
  6. Enter the Splunk Server Name and HTTP Event Collector Port number.
  7. Choose whether SSL is enabled.
  8. In the Authentication Token field, enter the HTTP Event Collector token generated in the prerequisites step.
  9. Click Save.
integration settings screenshot 11

Fig.11: Integrating Splunk Server with ADSelfService Plus.

ADSelfService Plus – Syslog Server integration

With this integration, ADSelfService Plus log data can be forwarded directly to any Syslog server for in-depth analysis.

Integrating ADSelfService Plus with a Syslog Server

  1. Log in to ADSelfService Plus as an administrator.
  2. Select the directory you want to integrate with: Active Directory or Microsoft Entra ID.
  3. Navigate to Admin > Product Settings > Integration Settings.
  4. Click the Syslog Server tile.
  5. Click Enable forwarding of logs to syslog.
  6. Enter the Syslog Server Name, Port Number, and Protocol. Then select the Syslog Standard and specify the Data Format required for your SIEM parser.
  7. Click Save.
integration settings screenshot 12

Fig.12: Integrating Syslog with ADSelfService Plus.

ADSelfService Plus – Have I Been Pwned integration

Have I Been Pwned is a service that lets users check whether their passwords have been compromised in a data breach. With this integration, admins can prevent users from setting previously breached or weak passwords during enterprise password resets and changes. This enforcement also applies to the GINA/CP (Ctrl+Alt+Del) login page and ADUC password resets through the Password Sync Agent.

Prerequisites

  • The firewall must allow outbound connections to api.pwnedpasswords.com.

Enabling the Have I Been Pwned Integration

  1. Log in to ADSelfService Plus as an administrator.
  2. Select the directory you want to integrate with: Active Directory or Microsoft Entra ID.
  3. Navigate to Admin > Product Settings > Integration Settings.
  4. Click the Have I Been Pwned? tile.
  5. Click Enable HaveIBeenPwned Integration.
integration settings screenshot 13

Fig.13: Integrating Have I Been Pwned with ADSelfService Plus.

ADSelfService Plus – Log360 Integration

ManageEngine Log360 is a unified SIEM solution with endpoint DLP and CASB capabilities. Its log management component, EventLog Analyzer, collects, normalizes, analyzes, correlates, and archives log data. When integrated with ADSelfService Plus, Debug Log and Access Log files are forwarded to Log360 for detailed auditing and to help meet audit requirements.

Note: The following steps also apply if your organization uses EventLog Analyzer as a standalone tool.

Integrating Log360 with ADSelfService Plus

  1. Log in to ADSelfService Plus with your admin credentials.
  2. Navigate to Admin > Product Settings > Integration Settings.
  3. Select the directory you want to integrate with: Active Directory or Microsoft Entra ID.
  4. Click the Log360 tab and configure the following settings:
  5. Server Name or IP: Enter the name or IP address of the machine where EventLog Analyzer (the log management component of Log360) is installed.
  6. Port Number: Enter the port number where the EventLog Analyzer service is running.
  7. Protocol: Select the protocol to use when connecting to the EventLog Analyzer server.
  8. Username and Password: Enter the credentials for the EventLog Analyzer Super Admin account.
  9. Log Type: Select the type of logs to forward to EventLog Analyzer:
    1. Access Log: Forwards ADSelfService Plus web server access logs.
      Debug Log: Forwards event logs related to application startup and logins.
  10. Click Save.
integration settings screenshot 14

Fig.14: Integrating Log360 with ADSelfService Plus.

Note: When integrating Log360 with an existing load balancing or failover deployment of ADSelfService Plus, all node log files will be forwarded to Log360 seamlessly. However, enabling failover or load balancing on a deployment that is already forwarding logs to Log360 may disrupt log file recognition from secondary nodes. In such cases, re-integration of Log360 and ADSelfService Plus will be required.