Integration settings

ADSelfService Plus can be integrated with the following solutions:

  1. ADManager Plus
  2. ServiceDesk Plus
  3. ServiceDesk Plus Cloud
  4. Splunk server
  5. Syslog server
  6. Have I Been Pwned
  7. Log360

ADSelfService Plus – ADManager Plus Integration

ADManager Plus is a Windows AD management and reporting solution that helps admins simplify mundane, repetitive, and even complex AD tasks. When ADSelfService Plus is integrated with ADManager Plus, admins have complete control over all the self-service actions performed by users. Based on their need, admins can choose to monitor the actions of all users or only privileged ones. When users perform any self-service action using ADSelfService Plus, it will be updated in AD only after the admin approves it in ADManager Plus

Integrating ADManager Plus with ADSelfService Plus

Follow these steps:

  1. Download and install ADManager Plus.
  2. Log in to ADSelfService Plus web console with admin credentials.
  3. Navigate to Admin tab → Product Settings → Integration Settings.
  4. Click the ADManager Plus tile.
  5. In the Server Name or IP field, enter the name of the server in which ADManager Plus is installed.

    integration-admanager-plus

  6. Enter the Port Number used by ADManager Plus.
  7. Select the Protocol (HTTP/HTTPS) enabled in ADManager Plus from the drop-down list.
  8. Click Save.

ADSelfService Plus – ServiceDesk Plus Integration.

ServiceDesk Plus is a help desk software that offers IT request tracking as well as asset and change management, in a single console.

With the ADSelfService Plus – ServiceDesk Plus integration, for every self-service action a user performs, an IT request is automatically generated in ServiceDesk Plus. This helps admins track users' self-service actions and follow up on them if needed. Moreover, end users can access the ServiceDesk Plus console to raise IT tickets in one click from the ADSelfService Plus console through SSO.

Integrating ServiceDesk Plus with ADSelfService Plus

Follow these steps:

  1. Download and install ServiceDesk Plus.
  2. Log in to the ADSelfService Plus web console with admin credentials.
  3. Navigate to Admin → Product Settings → Integration Settings.
  4. Click the ServiceDesk Plus tile.
  5. In the Server Name or IP field, enter the name of the server in which ServiceDesk Plus is installed.
  6. Enter the Port Number used by ServiceDesk Plus.
  7. Select the Protocol (HTTP/HTTPS) enabled in ServiceDesk Plus from the drop-down.
  8. Enter the API Key generated in ServiceDesk Plus for a technician with login permissions.

  9. Click Save.

    api-key-generation

    servicedesk-plus

ADSelfService Plus – ServiceDesk Plus Cloud integration

ServiceDesk Plus Cloud is cloud IT help desk software that offers request tracking, asset management, and change management, all within a single console.

With the ADSelfService Plus – ServiceDesk Plus Cloud integration, for every self–service action a user performs, a ticket is automatically generated in ServiceDesk Plus Cloud. This helps admins track users' self–service actions and follow up on them if needed.

Integrating ServiceDesk Plus Cloud with ADSelfService Plus

  1. Go to the Zoho API console and log in using your Zoho account.
  2. After logging in, in the Choose a Client Type window, select the Server–based Applications tile.
  3. In the Create New Client window, enter a Client Name.
  4. In the Homepage URL and Authorized Redirect URIs fields, enter the URL value in this format:
    <product_access_url>/OAuthCallback. Sample URL: https://selfservice:8888/OAuthCallback.

    Create new client

  5. Enable multi–data center (DC) support (optional) by selecting the Use the same OAuth credentials for all data centers option in the Settings section. By default, the client ID remains the same, and the client secret differs from one DC to another. Enabling the Use the same OAuth credentials for all data centers setting allows you to have the same client secret across multiple domains based on your business needs. Additionally, you can allow users from specific domains to access the client using the same client secret by toggling the settings for those regions.
    Note: The above option is not applicable for user accounts based in Chinese DCs.

    Application settings

  6. Copy the values of the Client ID and the Client Secret from the Client Secret section.

    Client secret

  7. Next, log in to the ADSelfService Plus console with admin credentials.
  8. Navigate to Admin → Product Settings → Integration Settings.
  9. Click the ServiceDesk Plus Cloud title.
  10. In the Client ID and Client Secret fields, paste the values copied in step six.
  11. Click the Get Authorization Code link. You will be redirected to the Zoho Account login page.

    SDP Cloud integration

  12. Authenticate using your ServiceDesk Plus Cloud technician account. Upon successful authentication, the Authorization Code will be filled automatically.
  13. The default portal will be selected in the Portal field. If you wish to change the portal in which the tickets should be created, click the Portal Settings drop-down to choose your preferred portal.
  14. Click Save.

    SDP Cloud configuration

ADSelfService Plus – Splunk server Integration.

Splunk, a SIEM solution, provides real-time insights by processing large volumes of log data. It allows admins to quickly search, report, and diagnose operational problems and security issues.

Upon integrating ADSelfService Plus with the Splunk server, you can forward ADSelfService Plus' log data to Splunk server for detailed auditing.

Integrating ADSelfService Plus with Splunk

Prerequisite:
The first step of the integration process is to generate an HTTP event collector token using the Splunk Enterprise solution:
  1. Log in to Splunk as an administrator.
  2. Navigate to Settings → Data Inputs → HTTP Event Collector.
  3. Click New Token.
  4. Specify a name for the token and retain the default values for the other fields.
  5. Click Save and the authentication token will be generated.
Once the HTTP event collector token is generated:
  1. Log in to ADSelfService Plus as default Admin.
  2. Navigate to Admin → Product Settings → Integration Settings.
  3. Click the Splunk Server tile.
  4. Click Enable forwarding of logs to splunk
  5. Enter the details including Splunk Server Name, HTTP Event Collector Port number
  6. Choose SSL Enabled or not.
  7. Specify the HTTP Event Collector Token generated for ADSelfService Plus in the Authentication Token field.
  8. Click Save.

    integrating-siem-using-splunk-server

ADSelfService Plus – Syslog server Integration.

With this integration, you can forward ADSelfService Plus' log data directly to any syslog server for in-depth analysis.

Integrating ADSelfService Plus with a Syslog Server

Follow these steps:

  1. Log in to ADSelfService Plus as default Admin.
  2. Navigate to Admin → Product Settings → Integration Settings.
  3. Click the Syslog Server tile.
  4. Click Enable forwarding of logs to syslog
  5. Enter the details including Syslog Server Name, Port number and Protocol. Choose the Syslog Standard and specify the Data Format needed for your SIEM parser.

    integrating-siem-using-syslog-server

  6. Click Save.

ADSelfService Plus – Have I Been Pwned Integration

Have I Been Pwned is a popular site that allows users to check whether the passwords they use have been compromised due to data breach. With ADSelfService Plus - Have I Been Pwned API service integration, admins can ensure that users do not use weak passwords during enterprise password resets and changes. It is also enforced in the GINA/CP (Ctrl+Alt+Del) login page and ADUC Password resets through Password Sync Agent.

Integrating Have I Been Pwned API service with ADSelfService Plus

Prerequisite :
Steps to enable Have I Been Pwn
  1. Log in to ADSelfService Plus as default Admin.
  2. Navigate to Admin → Product Settings → Integration Settings.
  3. Click the Have I Been Pwned? tile.
  4. Click Enable HaveIBeenPwned Integration


ADSelfService Plus - Log360 Integration

ManageEngine Log360 is a unified SIEM solution with endpoint DLP and CASB capabilities. EventLog Analyzer, the log management component of Log360, collects, normalizes, analyzes, correlates and archives log data. Organizations can integrate ADSelfService Plus with Log360's EventLog Analyzer component to forward logs seamlessly and meet audit requirements.

Upon integrating ADSelfService Plus with Log360, you can forward the Debug Log and Access Log files from ADSelfService Plus to Log360 for detailed auditing.

Note: If your organization uses EventLog Analyzer as a standalone tool also, below steps are applicable.

Integrating Log360 with ADSelfService Plus

  1. Log in to ADSelfService Plus with your administrator credentials.
  2. Navigate to Admin > Product Settings > Integration Settings.
  3. Click on the Log360 tab and configure the following:

    ADSelfService Plus - EventLog Analyzer Integration

    • Server Name or IP: Enter the name or IP Address of the machine where EventLog Analyzer, the log management component of Log360, is installed.
    • Port Number: Enter the port number where the EventLog Analyzer service is running.
    • Protocol: Select the protocol that must be used to connect to the EventLog Analyzer server.
    • Username and Password: Configure the EventLog Analyzer Super Admin's credentials in the Username and Password fields.
    • Log Type: Select the type of log that you would like to forward to EventLog Analyzer: Access Logs, Debug Logs, or both.
      • Access Log: Select Access Logs if you would like to forward ADSelfService Plus' web server access logs.
      • Debug Log: Select this log if you would like to forward event logs related to startup and logins.
  4. Once you have selected the ADSelfService Plus log types that you want to export to Log360, click Save.

Note: When integrating Log360 with existing Load Balancing or High Availability deployments of ADSelfService Plus, all node log files will be seamlessly forwarded to Log360.

However, implementing High Availability or Load Balancing on ADSelfService Plus deployments that are already forwarding log files to Log360 can disrupt log file recognition from the secondary nodes. Reintegration of Log360 and ADSelfService Plus will be required in such cases.

Copyright © 2024, ZOHO Corp. All Rights Reserved.