立即与支持人员聊天
与支持团队交流

Defender 6.5.1 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Push Notifications Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Set Defender Password

The Set Defender Password command allows you to set a Defender password for the selected user.

On Set Defender Password page, you can use the following elements:

  • New password  Type the new Defender password for the user.
  • Confirm password  Type the new Defender password to confirm it.
  • Expire password  Select this check box if you want the new Defender password to expire in a preconfigured period of time.
  • Set Password  Click this button to apply the new password.

Program Defender Token

The Program Defender Token command allows you to program a security token for the selected user. Clicking this command opens the following page:

On Program Defender Token page, select the token you want to program, and, if applicable, a token operational mode (synchronous or challenge-response). When finished, click the Program button.

For some token types, a new page with the following additional options may open:

  • Token serial  Displays the serial number of the token you have assigned to the user.
  • Activation code  Displays the code the user must enter to activate the assigned token. You can click the Copy button to copy the displayed activation code to the Windows Clipboard.
  • Send activation e-mail to  Allows you to send the token activation code to the user by e-mail. Type the recipient e-mail address in the text box, and then click Send to send the e-mail message containing the activation code to the user. This option is only available if you have enabled it via a Group Policy administrative template supplied with Defender. For more information, see Administrative templates.

Enabling additional features via Group Policy

You can use Group Policy to enable a number of optional features provided by the Defender Integration Pack for Active Roles. These features include the automatic sending of e-mails with token activation codes, propagation of token configuration settings via Group Policy, and the ability to set an expiry period for temporary responses. To enable these features, you need to use the Group Policy administrative template supplied with Defender.

To enable Defender features via Group Policy

  1. Install the Defender Group Policy administrative template (DefenderGroupPolicy.adm) on a domain controller.
  2. Configure the settings provided by the Defender Group Policy administrative template.

For more information, see Installing administrative templates.

Enabling automatic deletion of tokens

The Defender Integration Pack for Active Roles installs an additional deprovisioning policy that allows you to enable the automatic deletion of tokens for deprovisioned users.

To enable the automatic deletion of tokens

  1. Open the Active Roles console.
  2. In the left pane, expand Configuration | Policies | Administration.
  3. Right-click the Defender node, point to New, and then click Deprovisioning Policy.
  4. Step through the wizard.
  5. In the Policy to Configure step, in the list, expand the Defender node to select Unassign Tokens.
  6. Complete the wizard. Keep the default settings in the remaining wizard steps.

    The new Unassign Tokens deprovisioning policy is now available for use and you can add it as a deprovisioning policy.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级