Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Info |
---|
Files of Indeed AM HOTP Provider reside in: indeed AM\Indeed AM Providers\Indeed AM HOTP Provider\<Version number>\
|
About the Indeed AM HOTP Provider component
The autonomous one-time password generator eToken PASS can be used for authentication in any applications and services that support RADIUS protocol – VPN, Microsoft ISA, Microsoft IIS, Outlook Web Access etc. eToken PASS has an algorithm of one-time password generation (One-Time Password – OTP) implemented. This algorithm is based on HMAC and SHA-1 hash function. The OTP value calculation uses two input parameters: private key (initial value for the generator) and current value of the counter (the number of generation cycles required).
Initial value is stored both in the device itself, and on the server in Indeed system. Device counter is incremented with every OTP generation, and server counter increments with every successful authentication with OTP.
Provider installation
- Install the Indeed HOTP Provider by running Indeed HOTP Provider Provider.x64.ru-ru.msi installer IndeedAM.AuthProviders.HOTP-x64.msi installer.
- After the installation is complete, system restart might be necessary. If the installation wizard prompts to restart the system - confirm this action.
- The product removal/ restoring is carried out using the standard procedure for the supported operating systems, via Control panel menu.
Device adding
Info |
---|
A device can be registered for one user only. |
To add a device, proceed as follows:
- Open the Admin Console management console.
- Switch to “Devices” tab.
- Click "Add device".Image Added
Note |
---|
A device can also be added from a file with device parameters (“From file” tab) or via manual input of parameters (“Manual” tab). |
- Adding a device from file.
- Click “Select file” “Select file” at the “From file” “From file” tab.
Select an XML file with device parameters.
Code Block title Example <Tokens xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Token serial="000200071927"> <CaseModel>5</CaseModel> <Model>109</Model> <ProductionDate>11/4/2008</ProductionDate> <ProductName>Aladdin OTPO v1.0</ProductName> <Applications> <Application ConnectorID="{a61c4073-2fc8-4170-99d1-9f5b70a2cec6}"> <Seed>884f20ce4b2c406e0b6199338990bb6cc3fabac403eaa7f8</Seed> <MovingFactor>1</MovingFactor> </Application> </Applications> </Token> </Tokens>
- Click "Add".Image Added
- Adding a device manually.
- Select "Manual” tab.
- Specify the device serial number in the “Serial number” field.
- Specify the private key generated by the device in the “Private key” field.
- The “Comment” field is optional. Click “Add”. Image Added
Modifying a device.
To edit a device, proceed as follows:
- Open the Admin Console management console.
- Switch to “Devices” tab.
- Select "Hardware OTP” in “Authentication provider” OTP” in “Authentication provider” field. Specify the device serial number (if available) in the “Serial number” “Serial number” field and perform searching for the device.Image Added
- Select the found device and click edit icon.Image Added
- In the edit window, you can change the device serial number, its comment or deactivate the device. To save the changes made, click Save. Image Added
Device removal.
To remove a device, proceed as follows:
- Open the Admin Console management console.
- Switch to “Devices” “Devices” tab.
- Select "Hardware OTP” in “Authentication provider” OTP” in “Authentication provider” field. Specify the device serial number (if available) in the “Serial number” “Serial number” field and perform searching for the device.Image Added
- Select the found device and click “Remove device”“Delete devices”.Image Added
- Confirm removal in the popup window that appears.Image Added
Device synchronization.
To synchronize a device, proceed as follows:
- Open the Admin Console management console.
- Open the user card with registered device.
- Click “Device settings” “Device settings” and select “Sync” “Sync” item.Image Added
- Specify the one-time passwords from the device in the “One“One-time password 1” 1” and “One“One-time password 2” 2” respectively and click “Sync”“Sync”.Image Added
- You should return to the user page after synchronization is completed successfully.
“Settings of synchronization and one-time password verification” policy
This defines the counter value range for synchronization and one-time password verification. Default value:
- “Sync “Sync interval" - 1000
- “One“One-time password verification interval” interval” - 50
Image Added
Backtotop