Chat now with support
Chat with Support

Defender 6.1 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Push Notifications

A notification is a message that displays outside the contextual UI to provide the user with critical reminders or other information from a particular app on the mobile devices. Users can tap the notifications to open the app or take a predefined action directly from the notification. Push notifications for in-house applications allow users in your organization to receive important notification messages on their compatible mobile devices.

How the Defender Push Notification Works

The pushnotification feature is supported and configurable on both Android (version 8 or later) and iOS (iOS 10 or later) devices. The following sections describe the key Admin and User actions for using push notifications.

Admin
User actions
  • Users activate the newly created token from the 6.1.0 release.

  • The pushnotification is triggered when users initiate the login authentication process to Defender and type the "push" (case insensitive, without quotes) keyword in the token field. The users receive the respective notification on their compatible devices as defined during the configuration of the security token.

  • The notification seeks a user response in form of Approve or Deny for access to the resources. Based on the user's response, the respective action takes place and the notification cycle completes.

Appendices

Appendix A: Enabling diagnostic logging

To gather additional information on various Defender components, you can enable diagnostic logging for each component.

To enable the logging for some Defender components, you need to edit the Registry.

Caution: The following sections instruct you to modify the Registry. Note that incorrectly modifying the Registry may severely damage the system. Therefore, you should make the changes carefully. It is highly advisable to create a backup of the Registry before making changes to Registry data.

Administration Console

To enable diagnostic logging for Administration Console

  • On a computer where Administration Console is installed, use Registry Editor to create the following value in the HKLM\SOFTWARE\PassGo Technologies\Defender\Defender AD MMC registry key:

    Value type: REG_DWORD

    Value name: Diagnostics

    Value data: 1

The path to the log file is %ProgramData%\One Identity\Defender\Diagnostics\defender_ade_mmc.txt.

To disable diagnostic logging for Administration Console, delete the Diagnostics value from the Defender AD MMC registry key, or set the value data to 0.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating