Using this option, you can import a CSV file containing users’ enrollment data into ADSelfService Plus and enroll them automatically. This option comes in handy if you already have all the necessary enrollment data stored in a CSV file or in an application that can export data as a CSV file. Before importing the enrollment data, make sure to configure the settings for the respective authenticators. To learn more on how to set up the authenticators supported by ADSelfService Plus, click here.
Administrators can enroll users automatically without any user involvement for these authenticators:
Bulk enrollment into ADSelfService Plus can be done by the admin with minimal user input for the following authenticators:
To enroll for Duo Security, please ensure that the users first download the Duo Security authenticator app and enroll with Duo. Admins can then bulk-enroll the users into ADSelfService Plus.
To use TOTP-based software authenticators (Google Authenticator, Microsoft Authenticator, Zoho OneAuth TOTP, and Custom TOTP - Software token), users will need to finish the process by installing the TOTP authenticator apps on their phones and configuring the enrollment settings using the Secret Key. Please find the configuration steps below:
Step 1: Create a unique 16-digit alphanumeric key for each user who is to be enrolled. This will be their secret key in the CSV file.
Step 2: Import the CSV by following these steps to enroll the users into ADSelfService Plus.
Step 3: The admin can send users their respective secret keys via email or other secure ways. Keys will be used while configuring the TOTP authenticator app on users' phones.
The data imported in the CSV file should follow the specified formats for each authenticator as mentioned in the table below.
Import type | CSV header names | Allowed formats |
---|---|---|
Mobile Numbers | mobile | Must contain numbers 0 through 9 |
Email IDs | Must be a valid email address | |
Security Questions and Answers | question | Must be a security question, e.g., What is your favorite color? |
answer | Must be the corresponding answer to the security question, e.g., Yellow | |
Google Authenticator | googleauth secret key | Must contain letters A-Z or a-z and numbers 2-7 |
Microsoft Authenticator | microsoftauth secret key | Must contain letters A-Z or a-z and numbers 0-9 |
Zoho OneAuth TOTP | zohooneauth secret key | Must contain letters A-Z or a-z and numbers 0-9 |
Duo Security | sAMAccountName | Must be a valid user in AD |
Custom TOTP - Software Token | customtotp secret key | Must contain letters A-Z or a-z and numbers 0-9 |
Custom TOTP - Hardware token | customtotp hardware serial number | Must contain letters A-Z or a-z and numbers 0-9 |
customtotp secret key | Must contain letters A-Z or a-z and numbers 0-9 |
Note: You can configure OU and group-based policies by going to Configuration > Self-Service > Policy Configuration. Using policies, you can enable forced enrollment for a specific group of users.
Copyright © 2024, ZOHO Corp. All Rights Reserved.