立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Sessions 6.5.0 - YubiKey Multi-Factor Authentication - Overview

[USERMAPPING]

By default, SPS assumes that the external YubiKey identity of the user is the same as the gateway username (that is, the username the user used to authenticate on SPS during the gateway authentication). If there was no gateway authentication, then the server username is used for authentication.

The gateway usernames are different from the external YubiKey identities, you must configure the SPS YubiKey plugin to map the gateway usernames to the external YubiKey identities.

The external identity is the YubiKey Public ID, which is 12 lowercase letters.

You can use the following methods:

The Explicit method has priority over the LDAP server method.

If you have configured neither the append_domain parameter nor any of the [USERMAPPING] sections, SPS assumes that the external YubiKey identity of the user is the same as the gateway username.

相关文档