Files of Axidian AM SMS OTP Provider reside in: axidian AM\Axidian AM Providers\Axidian SMS OTP Provider\<Version number>\

  • AxidianAM.AuthProviders.StorageSmsOTP-x64.msi is the installation package of Axidian SMS OTP Provider.
  • AxidianID.SMSOTP.Password.Encryptor.exe is the utility for encryption of SMS gateway password.
  • /Misc - folder contains policy templates.


Axidian AM Storage SMS OTP Provider

This provider is provided only in the scenario with the Axidian AM Radius Extension component.

If you want to keep the Axidian AM data in the SQL database, you can use the Axidian AM Storage SMS OTP Provider. This provider will allow you to store, receive, and update the Axidian AM users' phone numbers in the SQL database. Phone numbers are stored in encrypted form.

Axidian AM Storage SMS OTP Provider requires SMS gateway. This gateway should be accessible from every Axidian AM server where  Axidian AM SMS OTP Provider is to be installed.

The authenticator require enrollment.

Installation

  1. Install Axidian SMS OTP Provider by running AxidianAM.AuthProviders.SmsOTP-x64.msi installer.
  2. After the installation is complete, system restart might be necessary. If the installation wizard prompts to restart the system - confirm this action.
  3. The product removal/ restoring is carried out using the standard procedure for the supported operating systems, via Control panel menu.

Provider registration 

You can use the lightweight version of the Axidian AM EAPhoneServer API to register providers. This solution was specially designed for the Storage SMS OTP Provider. Alternatively, you can use the main API of the Axidian system. 

Configuring the authentication parameters

It is necessary to add the Axidian AM policy templates into the administration template list before starting to configure group policies. Policy template files are included into the installation package and can be found in the Misc folder.

SMS delivery service 

The policy applies to Axidian servers. It allows to configure the following settings to use with SMS server:

  • Use tls defines whether encryption is to be used or not.
  • URL(IP address) defines the address of server to connect to.
  • Port defines connection port to use.
  • SystemId (Username) - defines the account name to use for connection to server.

  • Password defines account password to use for connection to server.

    The password can be defined either in explicit form, or in encrypted one. To encryption the password, use the AxidianAM.SMSOTP.Password.Encryptor.exe utility from the installation package of provider.

  • SystemType is the field for PDU operation BIND_TRANSCEIVER of SMPP protocol.
  • Sender defines the sender name to be displayed to the SMS message recipient.
  • Additional text before OTP defines the message text that precedes the OTP. By default, only OTP is sent. For advanced settings, use the following parameters:
    • <app> defines the name of application that sent the authentication request.
    • <requestLocalServerTime> defines the local server time of request receiving.
    • <requestComputerDns> defines the DNS of computer that sent the request.

    • <requestComputerIp>defines the IP of computer that sent the request.

      OTP code display is not configurable. It is always displayed at the end of the message.

      To provide for word wrap in the message, it is necessary to modify HKLM/SOFTWARE/Policies/Axidian-ID/BSPs/SMSOTP registry key. Change the older parameter "messageOTP" of  "REG_SZ” type to "messageOTP" of "REG_MULTI_SZ” type.

  • SMS status timeout defines the timeout of receiving the status of the SMS from server.
  • PDU with SMS status defines the PDU that server send the status of the message sent in.
  • source_addr_ton  defines Type of Number for the source address.
  • source_addr_npi defines Numbering Plan Indicator for the source address.
  • dest_addr_ton defines Type of Number for the destination.
  • dest_addr_npi defines the Numbering Plan Indicator for the destination.
  • esm_class defines the Message Mode & Message Type.
  • registered_delivery defines the indicator of request for SMSC or SME confirmation.
  • data_coding defines the encoding scheme for user data in the short message.

Configuring the message format 

The policy makes it possible to define the settings of date display in the message. Format examples can be viewed here: https://docs.microsoft.com/dotnet/standard/base-types/standard-date-and-time-format-strings

Enabled

The date is displayed according to the format set in the policy.

One-time password generation settings

The policy applies to Axidian servers. It allows to configure one-time password length and usage of character groups for password generation.

Not Configured or Disabled

If the policy is not configured or disabled, a password generated would be 4 characters long and would contain digits only.

Enabled

The one-time password is generated according to the policy parameters. If the policy is not defined or is disabled, then the password can contain digits and lowercase Latin letters only, and would be 6 characters long.

Settings of concurrent connection to SMPP server

The policy applies to Axidian servers. It allows to configure the processing order for requests to  SMPP server. The policy might be necessary in case the SMPP server does not support multiple simultaneous connections from a single user (account defined in the SMS delivery service policy).

Not Configured or Disabled

Connections to SMPP server and message sending requests are performed in parallel.

Enabled

Connections to SMPP server and message sending requests are performed in sequence.




  • No labels