Recent questions and answers in FAQ

Issue The Active Directory Federation Services (ADFS) master key that decrypts ADFS certificates is stored in Active Directory, in the thumbnailPhoto attribute of a contact object ... ,CN=Program Data,DC=domain,DC=com container via native AD access control.

Starting from Adaxes 2023, you can manage Azure AD users, groups, and resource mailboxes that are not synchronized with an on-premises AD domain. However, having a registered ... the entire Azure AD domain in the scope of your Microsoft 365 tenant in Adaxes.

If a computer has the KB5020276 Netjoin: Domain join hardening changes Windows update installed, you might encounter the following error message when attempting to join such a ... the primary computer owner (specified in the ManagedBy (Primary) property).

By default, in hybrid environments, when an on-premises AD object is created in Adaxes within the scope of a Microsoft 365 tenant, Adaxes will create the corresponding ... the Display the temporary password in the Execution Log checkbox. Click OK twice.

The language of Adaxes Web interface and the format used to display dates can be different depending on the signed in user. The language can be selected either automatically or ... default formats are: en-US for English, fr for French, and de for German.

By default, Web Interface URLs look like the following: http://host.company.com/Adaxes/HelpDesk. For the URLs not to contain the Adaxes part: On the computer where Adaxes ... C:\Program Files\Softerra\Adaxes 3\Web Interface by default. Click OK. Restart IIS.

This can be setup using the HTTP Redirect option in IIS: On the computer where Adaxes Web Interface is installed, launch Internet Information Services (IIS) Manager. In the Connections ... (301). In the Actions pane on the right, click Apply. Restart IIS.

An authenticator app can be reset for a user with the help of the Reset multifactor authentication operation in Adaxes Web Interface or Administration Console. In the Web ... can also use the Change device option. For details, see Reset Authenticator App.

Sometimes, if an Adaxes service was not uninstalled properly, Adaxes Administration Console shows the removed instance in the list of available Adaxes services. The easiest way ... . Delete the SCP entries that were published by a removed Adaxes service.

Adaxes Service To enable communication between Adaxes service and Active Directory, the following ports (TCP and UDP) must be open for outgoing connections on the ... Restricting Active Directory replication traffic and client RPC traffic to a specific port

By default, SSL is not configured for the Adaxes Web Interface and network transmissions are not encrypted. However, you can configure SSL on the Adaxes Web ... work in both cases: with Windows-integrated authentication and with forms-based authentication.

Adaxes service uses the LDAP protocol to communicate with Active Directory. Interaction between the Adaxes service and Active Directory is secured for security-sensitive ... clients and Adaxes services is always performed using an encrypted TCP channel.

Adaxes service account Adaxes itself doesn't store the password for the Adaxes service account. Adaxes service is installed as a Windows system service that runs under the Adaxes ... its copy of the master key and decrypt it locally with its own private key.

Softerra Adaxes does not extend the AD schema. Moreover, Softerra Adaxes does not store its data in Active Directory and doesn't modify the native permissions assigned in ... Adaxes, you can use Active Directory just as you did before the product installation.

You do not need to create a trust between AD domains to manage them with an Adaxes service. When registering an AD domain, an account with administrative permissions ... control the user access to the managed resources, the Adaxes service uses Security Roles.

Using the Adaxes Administration Console, you can perform bulk update of AD users in several ways: Using the Add or Modify Property Wizard: Select the AD users you need in ... multiple user and computer accounts, add users or contacts to a group in bulk, etc.