To authenticate on a AD FS relying party by using the GrIDsure token
When configuring GrIDsure token for the first time, the login page prompts you to enter your Windows password:
The page that opens may look different if you have two or more types of Defender Tokens assigned:
In this case, click Use GrIDsure.
If this is the first time you are authenticating using the GrIDsure token, you may be prompted to configure your GrIDsure Personal Identification Pattern (PIP). For more information, see How to configure and use your Personal Identification Pattern (PIP).
To authenticate with the GrIDsure token, you need to use a special code, the GrIDsure Personal Identification Pattern (PIP).
When you access a resource protected with the GrIDsure personal identification system for the first time, you are prompted to configure your PIP. In this case, a matrix of cells similar to the following image is displayed:
In this matrix, choose the cells you want to use for authentication, and then, in the Configure your GrIDsure PIP text box, type the codes contained in the cells you have chosen. Do not leave blank spaces between the codes.
For example, if you choose the first four cells in the first row of the matrix above, in the Configure your GrIDsure PIP text box, type CCAPBCAH (without spaces), and then press ENTER or click Continue.
From now on, each time you authenticate with your GrIDsure token, you must use the codes displayed in the matrix cells you have chosen when configuring your PIP. These codes will be different each time the matrix of cells displays.
For example, next time the matrix may look as follows:
In this case, use the Use your GrIDsure PIP text box to type 2835, and then press ENTER or click Continue.
To troubleshoot issues that may occur during authentication with Defender, you must enable diagnostic logging for the Defender AD FS Adapter.
To enable diagnostic logging for Defender AD FS Adapter
HKEY_LOCAL_MACHINE\SOFTWARE\One Identity\Defender\AD FS Adapter registry key using the Registry Editor:
Value type: REG_DWORD
Value name: Diagnostics
Value data: 1
The path to the log file: %ProgramData%\One Identity\Defender\Diagnostics\AD FS Adapter
File name for Adapter: DefenderAdapter.log
File name for Configuration tool: Configuration.log
To disable diagnostic logging for Defender AD FS Adapter, delete the Diagnostics value from the Defender AD FS Adapter registry key or set the value data to 0.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. 利用規約 プライバシー Cookie Preference Center