Chat now with support
Chat mit Support

Defender 5.11 - Defender AD FS Adapter 5.10 Administration Guide

Using GrIDsure tokens for Authenticating AD FS relay parities.

Using GrIDsure tokens for Authenticating AD FS relying parties.

To authenticate on a AD FS relying party by using the GrIDsure token

  1. In your Web browser, enter the address of the AD FS relying party you want to access.
    If the AD FS relying party is protected with the GrIDsure personal identification system, the following page opens:

 
  1. Type your user name, password, and then click Sign In.

When configuring GrIDsure token for the first time, the login page prompts you to enter your Windows password:

The page that opens may look different if you have two or more types of Defender Tokens assigned:

In this case, click Use GrIDsure.

  1. Type your Windows password, and then click Continue.

If this is the first time you are authenticating using the GrIDsure token, you may be prompted to configure your GrIDsure Personal Identification Pattern (PIP). For more information, see How to configure and use your Personal Identification Pattern (PIP).

  1. You are now prompted to authenticate using your GrIDsure PIP. Type the numbers located in the cells you chose when configuring your GrIDsure PIP.
  2. In the Enter passcode text box, type your PIP, and then click Sign In to access the protected Web site. You can select the Reset PIP check box to reset your current PIP after you sign in.

How to configure and use your Personal Identification Pattern (PIP)

To authenticate with the GrIDsure token, you need to use a special code, the GrIDsure Personal Identification Pattern (PIP).

When you access a resource protected with the GrIDsure personal identification system for the first time, you are prompted to configure your PIP. In this case, a matrix of cells similar to the following image is displayed:

In this matrix, choose the cells you want to use for authentication, and then, in the Configure your GrIDsure PIP text box, type the codes contained in the cells you have chosen. Do not leave blank spaces between the codes.

For example, if you choose the first four cells in the first row of the matrix above, in the Configure your GrIDsure PIP text box, type CCAPBCAH (without spaces), and then press ENTER or click Continue.

From now on, each time you authenticate with your GrIDsure token, you must use the codes displayed in the matrix cells you have chosen when configuring your PIP. These codes will be different each time the matrix of cells displays.

For example, next time the matrix may look as follows:

In this case, use the Use your GrIDsure PIP text box to type 2835, and then press ENTER or click Continue.

Dignostic Logging

Diagnostic logging

To troubleshoot issues that may occur during authentication with Defender, you must enable diagnostic logging for the Defender AD FS Adapter.

To enable diagnostic logging for Defender AD FS Adapter

  • On a computer where Defender AD FS Adapter is installed, create the following value in the

    HKEY_LOCAL_MACHINE\SOFTWARE\One Identity\Defender\AD FS Adapter registry key using the Registry Editor:

    Value type: REG_DWORD

    Value name: Diagnostics

    Value data: 1

The path to the log file: %ProgramData%\One Identity\Defender\Diagnostics\AD FS Adapter

File name for Adapter: DefenderAdapter.log

File name for Configuration tool: Configuration.log

To disable diagnostic logging for Defender AD FS Adapter, delete the Diagnostics value from the Defender AD FS Adapter registry key or set the value data to 0.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen