About the Indeed AM Email OTP Provider component

The Email OTP Provider is intended for user authentication with one-time passwords sent to the user in question via e-mail.

A one-time password is a random combination of digits, special characters and Latin characters). A password is generated by Indeed AM. The result is sent to E-mail delivery service. The latter sends it to the user in the form of e-mail message. Data transmission is performed via SMTP protocol (Simple Mail Transfer Protocol).

Installation

1. Install Indeed Email OTP Provider by running IndeedAM.AuthProviders.SMTP-x64.msi installer.
2. After the installation is complete, system restart might be necessary. If the installation wizard prompts to restart the system - confirm this action.
3. The product removal/ restoring is carried out using the standard procedure for the supported operating systems, via Control panel menu.

Configuring the phone number attribute

To change the default attribute, it is necessary to add some parameters to the server configuration file (C:\inetpub\wwwroot\easerver\Web.config).

• Add "userMapRules" tag to "adUserCatalogProvider” tag. Add tag "adObjectMapRule" to "userMapRules” tag with the following parameters:
• “attribute="Email"" defines the parameter being changed.
• “adAttribute="otherMailbox"" - specifies the AD attribute to receive value from.
• Add "objectTypeSettings” tag.

• Add "objectSetting" tag with "category="person" class="user"” parameters.

  <adUserCatalogProvider id="userId" serverName="ind.loc" containerPath="DC=ind,DC=loc" userName="userAdmin" password="Q1q2E3e4"> <userMapRules> <adObjectMapRule attribute="Email" adAttribute="otherMailbox"/> <objectTypeSettings> <objectSetting category="person" class="user"></objectSetting> </objectTypeSettings> </userMapRules> </adUserCatalogProvider>

  
  

Configuring the authentication parameters

SMTP server settings

The policy applies to Indeed AM servers. It allows to configure the following settings to use with SMTP server:

• Server (DNS name, IP address) defines the address of server to connect to;
• Port defines connection port to use;
• Server timeout defines server response timeout in seconds; 
• Connection type defines the type of connection: insecure,  TLS or SSL connection;
• Username  defines account name to use for connection to server; 
• Password  defines account password to use for connection to server;
• One-time password in message subject – if enabled, the one-time password is specified in the message subject. Otherwise, it is specified in the message text.
• Message text defines sender name and e-mail address, subject and text of the message.

Not Configured or Disabled

If the policy is not configured or disabled, then Indeed AM Email OTP Provider is not used for user authentication.

Enabled

If the policy is enabled, then Indeed AM Email OTP Provider is used for authentication, according to the policy parameters.

One-time password generation settings

The policy applies to Indeed AM servers. It allows to configure one-time password length and usage of character groups for password generation.

Not Configured or Disabled

If the policy is not configured or disabled, a password generated would be 6 characters long and would contain digits only.

Enabled

The one-time password is generated according to the policy parameters. If the policy is enabled, but no character category is defined, then the password will contain digits only (password length is 6 characters by default).