サポートと今すぐチャット
サポートとのチャット

Defender 6.5.1 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Push Notifications Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Appendix G: Defender Web Service API

The Defender Web Service API provides a public web interface to the administrative functionality of Defender.

The interface is exposed through the WebServiceAPI Web service. The installation program configures a windows service that will host the WebServiceAPI web service.

API methods

 

Table 54:

API methods

Method

Description

AddSoftwareTokenToUser method

Assigns a Defender Software token to a user.

AddTokenToUser method

Assigns a Defender token to a user.

GetTokensForUser method

Gets a list of Defender tokens assigned to a user.

RemoveAllTokensFromUser method

Unassigns all Defender tokens from a user.

RemoveDefenderPassword method

Deletes the Defender password for a user or all users in a group.

RemovePinFromUserToken method

Removes a user's PIN from an assigned token.

RemoveTemporaryResponse method

Removes a temporary response from a user's assigned token.

RemoveTokenFromUser method

Unassigns a Defender token from a user.

ResetDefenderToken method

Resets a Defender token to aid authentication when the token is out of synchronization with the server.

ResetDefenderViolationCount method

Reset a user's Defender violation count. Also allows the violation and reset counts to be viewed without resetting them.

SetDefenderPassword method

Sets the Defender password for a user or all users in a group.

SetPinOnUserToken method

Sets a user's PIN for an assigned token.

SetTemporaryResponse method

Sets a temporary response on a user's assigned token.

TestDefenderToken method

Tests a Defender token's response.

AddSoftwareTokenToUser method

If this operation resulted in the token being assigned, then the AssignedToken.TokenCommonName will match the tokenCommonName parameter. If the token was already assigned to this user, then the AssignedToken.TokenCommonName will contain a text message indicating that it was already assigned.

The type of the token added may be one of the following values:

  • Windows
  • IToken
  • Mobile
  • Android
  • EmailOTP
  • Java
  • GrIDsure
  • Authy
  • GoogleAuth

  • MicrosoftAuth

  • OneLoginAuth

These types produce tokens for use on the following platforms:

  • Windows  Windows operating system.
  • IToken  iPhone, iPad, or iPod devices running the iOS operating system.
  • Mobile  SMS token, where a text message containing one-time passwords is sent to the user's mobile phone.
  • Android  Devices running the Android operating system.
  • EmailOTP  E-mail token, where an e-mail message containing one-time passwords is sent to the user.
  • Java  Windows, Mac OS, or Linux operating system that supports Java applications.
  • GrIDsure GrIDsure token allowing users to authenticate themselves with a GrIDsure Personal Identification Pattern.
  • Authy Authy token allowing users to authenticate themselves with one-time passwords generated by the Authy app.
  • GoogleAuth Google Authenticator token allowing users to authenticate themselves with one-time passwords generated by Google Authenticator.

  • MicrosoftAuth Microsoft Authenticator token allowing users to authenticate themselves with one-time passwords generated by Microsoft Authenticator.

  • OneLoginAuth OneLogin Authenticator token allowing users to authenticate themselves with one-time passwords generated by OneLogin Authenticator.

C# syntax
[OperationContract]
[FaultContract(typeof(FaultException))]
AssignedSoftwareToken AddSoftwareTokenToUser(string userCommonName, ProgrammableSoftwareTokenType tokenType, string tokenPin, SoftwareTokenConfiguration configuration, string userSearchBase);

Parameters

  • userCommonName  Common name of the user to whom the token will be assigned.
  • tokenType  The type of the token added.
  • tokenPin  Optional parameter to specify PIN to assign to the user's token. PINs cannot be used when programming a Windows token.
  • configuration Optional parameter to configure the following activation and passphrase settings:
    • Activation Code Timeout Days To configure the number of days for which the token activation code is valid. The default value is 7.
    • Enabling Passphrase Locking To configure whether to lock the token passphrase after a specified number of unsuccessful attempts.
    • Passphrase Attempts The configure the number of unsuccessful attempts after which the token passphrase is locked.
    • Require Passphrase To configure whether the token requires a passphrase or not.
    • Require Strong Passphrase To configure whether a strong passphrase is required or not.
    • Show Passphrase Alerts To configure whether to display alerts about failed passphrase attempts or not.
  • userSearchBase  Optional parameter to specify base container from which to search for users.

Return value

If no error occurs, an AssignedToken is returned. In the case of an error, a Fault is generated. The faultCode can be one of the following:

  • ArgumentOutOfRange  One of the arguments was invalid, further details will be contained in the faultstring.
  • UnknownFault  Any other error, further details may be included in the faultstring.

AddTokenToUser method

If this operation resulted in the token being assigned, then the AssignedToken.TokenCommonName matches the tokenCommonName parameter. If the token was already assigned to this user, then the AssignedToken.TokenCommonName contains a text message indicating that it was already assigned.

C# syntax
[OperationContract]
[FaultContract(typeof(FaultException))]
AssignedToken AddTokenToUser(string tokenCommonName, string userCommonName, string tokenSearchBase, string userSearchBase);

Parameters

  • tokenCommonName  Common name of the token to be assigned.
  • userCommonName  Common name of the user to whom the token will be assigned.
  • tokenSearchBase  Optional parameter to specify base container in which to search for tokens.
  • userSearchBase  Optional parameter to specify base container in which to search for users.

Return value

If no error occurs, an AssignedToken is returned. In the case of an error, a Fault is generated. The faultCode can be one of the following:

  • ArgumentOutOfRange  One of the arguments was invalid, further details will be contained in the faultstring.
  • UnknownFault  Any other error, further details may be included in the faultstring.
関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択