- Created by Vladislav Fomichev, last modified on Sep 28, 2020
Files of Indeed AM OMNIKEY Provider reside in: indeed AM\Indeed AM Providers\Indeed AM OMNIKEY Provider\<Version number>\
- Indeed AM OMNIKEY Provider х64.msi is the installation package of Indeed AM OMNIKEY Provider x64 version.
- Indeed AM OMNIKEY Provider х86.msi is the installation package of Indeed AM OMNIKEY Provider x86 version.
About the Indeed AM OMNIKEY component
Indeed AM OMNIKEY Provider is designed to be used together with Indeed AM Windows Logon and Indeed AM Enterprise SSO. The component integrates HID OMNIKEY smartcard readers with the Indeed AM Access Management modules. For more information about OMNIKEY readers and cards, please visit the manufacturer's website. The following models of HID OMNIKEY scanners are currently supported:
- OMNIKEY 5325
- OMNIKEY 6321
- OMNIKEY 5321 CLi
- OMNIKEY 6321 CLi
- OMNIKEY 5427 CK
- OMNIKEY 5421
- OMNIKEY 5022
- OMNIKEY 5025
Installation
Please use the Indeed AM OMNIKEY Provider.msi file to install the MFA Provider on the Indeed AM server and on your computer.
If your infrastructure requires multiple Indeed AM servers, make sure to install the provider on all relevant servers.
- You may need to restart the system after installation. If the setup program prompts you to restart the system, click Yes.
- The product can be removed/restored by using a standard method supported by your operating system (via the Control Panel).
How to set up authentication parameters
Before you begin customization of your group policy, please add the Indeed AM policy templates to the list of administrative templates. Policy templates are a part of the provider's installation package and can be found in the Misc directory. The policy should apply to all Indeed AM servers and all client machines.
Job timeout when a smart card is removed
The Windows Logon® policy determines the duration of the standard and service timeout following the removal of an authentication device. You can use this policy to set the time period (in seconds) between the removal of smart card and the performance of action in line with the Windows policy − Interactive logon: Smart card enhanced removal behavior. Standard timeout option prevents automatic system lockout in the event of an accidental removal of an authentication device.
Service timeout option prevents automatic system lockout when you need to extract an authentication device for a reason (to train an additional authenticator, use another account and a different authenticator to access the system, etc.). If you want to activate service timeout, press and hold [Ctrl]+[L] before removing the device. If the policy has not been set or has been disabled, there will be no timeout before the automatic lockout of your workstation.
Authentication via Indeed AM OMNIKEY Provider
- Please select the login method during your first login to the system or to the app via Indeed AM authentication. You can do this by clicking Switch authentication Method on the Windows login screen (on the Authentication screen if you are using Enterprise SSO). Select Card (HID OMNIKEY) as a login method.
- Connect the HID OMNIKEY card reader and place a registered card on top of the device.
- Authentication will be completed once the card data has been processed. If your login has been successful, card authentication will be saved as your preferred login method, and you will be prompted to use it again during your next login to the system or app.
- No labels