Versions Compared

Old Version 2

changes.mady.by.user Vladislav Fomichev

Saved on

compared with

New Version Current

changes.mady.by.user Vladislav Fomichev

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


Info

Files of Indeed AM HOTP Provider reside in: indeed AM\Indeed AM Providers\Indeed AM HOTP Provider\<Version number>\

...

  • IndeedAM.

...

  • AuthProviders.

...

  • HOTP-

...

  • x64.msi

...

  •  is the installation package of Indeed HOTP Provider.
  • /Misc folder contains policy templates.About the Indeed HOTP Provider component

About the Indeed AM HOTP Provider component

The autonomous one-time password generator eToken PASS can be used for authentication in any applications and services that support RADIUS protocol – VPN, Microsoft ISA, Microsoft IIS, Outlook Web Access etc. eToken PASS has an algorithm of one-time password generation (One-Time Password – OTP) implemented. This algorithm is based on HMAC and SHA-1 hash function. The OTP value calculation uses two input parameters: private key (initial value for the generator) and current value of the counter (the number of generation cycles required).

Initial value is stored both in the device itself, and on the server in Indeed system. Device counter is incremented with every OTP generation, and server counter increments with every successful authentication with OTP.

Provider installation

  1. Install the Indeed HOTP Provider by running

...

  1. IndeedAM.AuthProviders.HOTP-x64.msi installer.
  2. After the installation is complete, system restart might be necessary. If the installation wizard prompts to restart the system - confirm this action.
  3. The product removal/ restoring is carried out using the standard procedure for the supported operating systems, via Control panel menu.

Device adding

...

Info

A device can be registered for one user only.

To add a device, proceed as follows:

  1. Open the

...

  1. Admin Console management console.
  2. Switch to

...

  1. Devicestab.
  2. Click "Add device".Image Added
Note

...

A device can also be added from a file with device parameters (

...

From filetab) or via manual input of parameters (

...

Manualtab).

  1. Adding a device from file.
    1. Click

...

    1. Select fileat the

...

    1. From filetab.

    2. Select an XML file with device parameters.

      Code Block
      titleExample
      <Tokens xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <Token serial="000200071927">
            <CaseModel>5</CaseModel>
            <Model>109</Model>
            <ProductionDate>11/4/2008</ProductionDate>
            <ProductName>Aladdin OTPO v1.0</ProductName>
        <Applications>
            <Application ConnectorID="{a61c4073-2fc8-4170-99d1-9f5b70a2cec6}">
            <Seed>884f20ce4b2c406e0b6199338990bb6cc3fabac403eaa7f8</Seed>
            <MovingFactor>1</MovingFactor>
            </Application>
        </Applications>
    </Token>
</Tokens>


    3. Click "Add".Image Added
  2. Adding a device manually.

    ...

      1. Select "

    ...

      1. Manualtab.
      2. Specify the device serial number in the

    ...

      1. Serial numberfield.
      2. Specify the private key generated by the device in the

    ...

      1. Private keyfield.
      2. The

    ...

      1. Commentfield is optional. Click

    ...

      1. AddImage Added

    Modifying a device.

    To edit a device, proceed as follows:

    1. Open the

    ...

    1. Admin Console management console.
    2. Switch to

    ...

    1. Devicestab.
    2. Select "Hardware

    ...

    1. OTP” in “Authentication providerfield. Specify the device serial number (if available) in the

    ...

    1. Serial numberfield and perform searching for the device.Image Added
    2. Select the found device and click edit icon.Image Added
    3. In the edit window, you can change the device serial number, its comment or deactivate the device. To save the changes made, click Save. Image Added

    Device removal.

    To remove a device, proceed as follows:

    1. Open the

    ...

    1. Admin Console management console.
    2. Switch to

    ...

    1. Devicestab.
    2. Select "Hardware

    ...

    1. OTP” in “Authentication providerfield. Specify the device serial number (if available) in the

    ...

    1. Serial numberfield and perform searching for the device.Image Added
    2. Select the found device and click

    ...

    1. Delete devices.Image Added
    2. Confirm removal in the popup window that appears.Image Added

    Device synchronization.

    To synchronize a device, proceed as follows: 

    1. Open the

    ...

    1. Admin Console management console.
    2. Open the user card with registered device.
    3. Click

    ...

    1. Device settingsand select

    ...

    1. Syncitem.Image Added
    2. Specify the one-time passwords from the device in the

    ...

    1. One-time password

    ...

    1. 1and

    ...

    1. One-time password

    ...

    1. 2respectively and click

    ...

    1. Sync.Image Added
    2. You should return to the user page after synchronization is completed successfully. 

    “Settings of synchronization and one-time password verification” policy

    This defines the counter value range for synchronization and one-time password verification. Default value:

    ...

    • Sync interval" - 1000

    ...

    • One-time password verification

    ...

    • interval- 50

    Image Added

    Backtotop