Chat now with support
Chat with Support

Defender 5.8 - Administrator Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Securing PAM-enabled services Defender Management Portal (Web interface) Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Integration with Cloud Access Manager Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Integration with Active Roles

Installing Defender Integration Pack for Active Roles

1
On the target computer, run the ActiveRolesIntegrationPack.exe file supplied in the Defender installation package.
Active Roles Web Interface Extension  Install this feature to be able to perform Defender-related tasks from the Active Roles Web Interface. The computer on which you plan to install this feature must have the Active Roles Web Interface installed. For more information about the commands this feature adds to the Active Roles Web Interface, see Commands added to the Active Roles Web Interface.
Active Roles Console Extension  Install this feature to be able to perform Defender-related tasks from the Active Roles console (MMC Interface). After installing this feature, you can use the Active Roles console to manage Defender-related objects and perform Defender-related tasks. The steps you should perform in the Active Roles console to manage Defender objects are identical to those you perform in Microsoft’s Active Directory Users and Computers tool. For more information, see Managing Defender objects in Active Directory.
To install the Defender Integration Pack for Active Roles Administration Service, run the ActiveRolesAdminServiceIntegrationPack.exe file supplied in the Defender installation package, and then complete the wizard.

Commands added to the Active Roles Web Interface

The Defender Integration Pack for Active Roles adds the Defender category to the Active Roles Web Interface:
Click the Defender category to access the commands added by the Defender Integration Pack for Active Roles to the Active Roles Web Interface.
Defender Properties  Allows you to administer tokens and view and manage the Defender properties for the selected user.
Set Defender Password  Allows you to set a Defender password for the selected user.
Program Defender Token  Allows you to program a security token for the selected user.

Defender Properties

The Defender Properties command allows you to administer tokens, and view and manage the Defender properties for the selected user. Clicking this command opens the following page:
On this page, you can use the User tokens list to view and administer security tokens for the user, view the serial number of each security token assigned to the user, and if the tokens have a PIN configured.
Below the User tokens list, you can use the following elements:
Add  Click this button to search for existing token objects in Active Directory and assign them to the user if necessary.
Defender ID  Allows you to view or change the Defender ID of the user.
Violation count  Displays the number of unsuccessful authentication attempts for the user. To reset violation count for the user, click the Reset Violation Count button, and then click Save.
Reset count  Displays how many times the violation count has been reset so far.
Last authentication  Displays the time and date of user’s last successful authentication.
In the Type column of the User tokens list, you can click a security token name to administer the token. On the page that opens, you can use the following buttons:
Click to set a new PIN for the token. On the page that opens, use the New PIN and Confirm PIN text boxes to type the new PIN. If you want the user to change the new PIN on first use, select the Expire PIN check box. When finished, click the Set PIN button.
Expires  Sets a validity period for the temporary response.
Allow response to be used multiple times  Allows you to set if the temporary response can be used more that once during the specified validity period. When this check box is cleared, the temporary response can only be used once.
Assign  Generates the temporary token response, assigns it to the user’s token, and displays the assigned response in a separate window.
Clear  Immediately removes the temporary token response from the user’s token.
Click to open a page that allows you to test the token response for the selected token: In the Response text box, enter a token response, and then click Verify.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating