FREEPASS Frequently Asked Questions
Frequently Asked Questions about FreePass - U-BTech's management portal, allows the company's employees to change and reset their password independently.
Q: What are the minimum requirements for installing FreePass?
A: FreePass as an application only requires that you have .NET Framework 4.5.2 or above installed and any version of Windows above and including Windows Server 2008 R2 as a Domain Member machine for Active Directory Domain environments.
Q: What sort of permissions do I need in order to start using FreePass?
A: For Active Directory and Office 365 environments (DirSync / ADConnect), the service account for the FreePass service has to be a domain user with read permissions to Active Directory and the ability to reset the users’ password.
Q: Does FreePass store the user password in any way?
A: No it does not. FreePass processes password change and reset requests and acts as a proxy on behalf of the user against the Domain Controller servers. The password is not stored or saved in any point throughout the process.
Q: Do I have to install anything on the user’s workstation or device?
A: No. The FreePass service only needs to be installed once, on your member server of choice. The entire FreePass front-end is web based and can be installed on any supported IIS server. The user can use any web browser to use the product.
Q: Do I need to expose my Domain Controller servers to the Internet so I can use FreePass?
A: Absolutely not! FreePass was designed in such a way that the installation can be distributed across two or more servers. Front-End servers can be installed in the DMZ or Internet facing networks, but the FreePass service account will poll for requests from within the internal network, so only one sided HTTPS communications need to be open and never from outside your environment.
Q: Can FreePass be configured to only allow password changes and reset to specific users.
A: Yes. You can configure the Active Directory permissions for the FreePass service account to only apply to specific users, groups and, using the Delegation Wizard, containers (OUs and Domains)
Q: How secure is FreePass communications and data exchange?
A: FreePass can be configured to support SSL, TLS and event client-certificates for communications and authentication. Furthermore, the FreePass service account and front-end web portal can be configured to only communicate with specific IP addresses and refuse all other endpoints.
Q: I have a very complex Active Directory forest with multiple domains and sub-domains, is FreePass the right product for me?
A: Definitely! As long as the FreePass service account user is trusted throughout the entire forest, you can create FreePass policies that will target the entire forest as well as individual domains and sub-domains.
Q: Is the Password Policy enforcement feature supported on my environment ?
A: Since Windows Server 2012 we do have a new OID for the Extended Control LDAP_SERVER_POLICY_HINTS_OID (1.2.840.113518.104.22.1689). The OID 1.2.840.113522.214.171.1246 is still valid on Windows Server 2012 (R2) ADs but it's now called LDAP_SERVER_POLICY_HINTS_DEPRECATED_OID. Suggest you check the supportedControl attribute of a rootDSE call and check, whether you find LDAP_SERVER_POLICY_HINTS_OID = 1.2.840.1135126.96.36.1999. If so you should use the new OID. If one of the above OIDs is present we are now able to send our modification request containing the the Extended Control LDAP_SERVER_POLICY_HINTS_OID with the value 0x1 to honor password history when resetting passwords. See article
Q: What if a user forgets their password? Are password resets supported?
A: Yes. FreePass supports password resets with a username and OTP (One Time Password) authentication. OTP methods include email messages and SMS text messaging using either email or web services.
Q: I need to unlock my account because I tried accessing a resource too many times with the wrong credentials. Will FreePass help me with this?
A: Yes. Changing and resetting a user policy can optionally unlock locked accounts as well.
Q: How can I find if there are any updates available for my FreePass installation?
A: Most of our tools are installed in secure server environments where Internet connectivity cannot be taken for granted. That’s why we don't provide any automatic updating functions in our products. This might change in the future but for now all you have to do to find out if there is a new version available is to visit our website or click the “Check for Updates” link in the “About” dialog. Customers who purchased our retail products are automatically added to our mailing list and receive email notifications about updates and news.
Q: I need to activate my product and I don’t have a working Internet connection from my server or workstation, what can I do?
A: You can use our offline activation web page https://activation.u-btech.com where you can use your purchased serial code and unique machine code to activate your license and receive an offline activation code. The serial code is your proof of purchase and the machine code, which will be provided by each of our products on its offline activation dialog, is our way of verifying the use of the license on a single machine.
Q: I still can’t activate my license and I’m having some problems using the offline activation web page. Any other help you can offer?
A: You are welcome to contact our support staff. Please send your information and machine code to Support@U-BTech.com, and we will activate the product for your purchased license and send you back your license code.
Q: I need more time with the Trial version of FreePass. Who should I contact?
A: You can contact our sales department at Sales@U-BTech.com . They will consider each request and decide whether to provide you with a trial extension key.
Q: FreePass looks great and I’m really interested in purchasing it. What is the licensing scheme for it?
A: FreePass is licensed on a per mailbox basis in your Exchange organization. Contact our sales department for more information: Sales@U-BTech.com
The following support options are available:
• Standard Support: Every purchase of the product automatically entitles the client to a year of free email support and upgrades.
• Silver Support: Grants an additional year of technical support to every U-BTech Solutions customer from the moment of purchase for a total of two full years of E-Mail support. Free product upgrades are available for one year from the moment of purchase.
• Gold Support: Grants an additional two years of technical support to every U-BTech Solutions customer from the moment of purchase for a total of three full years of E-Mail and Phone support. Free product upgrades are available for one year from the moment of purchase.comments powered by Disqus