Digipass Plug-In for IAS Product Guide - Vasco
Digipass Plug-In for IAS Product Guide - Vasco
Digipass Plug-In for IAS Product Guide - Vasco
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Digipass</strong> <strong>Plug</strong>-<strong>In</strong> <strong>for</strong> <strong>IAS</strong> <strong>Product</strong> <strong>Guide</strong> <strong>Digipass</strong><br />
2.4 <strong>Digipass</strong> Record Functions<br />
A number of functions are available in the <strong>Digipass</strong> Extension <strong>for</strong> Active Directory Users and<br />
Computers to administer <strong>Digipass</strong> records. These are typically required <strong>for</strong> maintenance – eg.<br />
a User has <strong>for</strong>gotten their Server PIN, or a <strong>Digipass</strong> has been locked.<br />
2.4.1 Reset Application<br />
A <strong>Digipass</strong> Application may need to be reset if the time difference between it and the server<br />
needs to be recalculated. This would typically be <strong>for</strong> time-based Response Only <strong>Digipass</strong> after<br />
a very long period of inactivity. The 'reset' widens the allowable time window <strong>for</strong> the next<br />
login, allowing the User to log in and the <strong>IAS</strong> <strong>Plug</strong>-<strong>In</strong> to calculate the current time shift.<br />
2.4.2 Set Event Counter<br />
If the event count <strong>for</strong> an event-based application has become unsynchronised between the<br />
<strong>Digipass</strong> and the server, this function can be used to set the server event count to the event<br />
count on the <strong>Digipass</strong>.<br />
2.4.3 Reset PIN<br />
If a User’s Server PIN needs to be changed – usually because the User has <strong>for</strong>gotten it – then<br />
it can be reset, and the User can create a new Server PIN when they next log in. This may be<br />
done when unassigning or re-assigning a <strong>Digipass</strong>.<br />
2.4.4 Force PIN Change<br />
This function can be used when an administrator wants a User to change their Server PIN on<br />
their next login. This may be desirable as a security measure.<br />
2.4.5 Set PIN<br />
A User’s Server PIN can be set to a specific value and communicated to the User.<br />
2.4.6 Unlock <strong>Digipass</strong><br />
If a User incorrectly enters their <strong>Digipass</strong> PIN into their <strong>Digipass</strong> a predetermined number of<br />
times, the <strong>Digipass</strong> will become locked. Once locked, the assistance of an administrator will be<br />
required to unlock it. This function allows an administrator to provide the User with an Unlock<br />
Code to enter into their <strong>Digipass</strong>.<br />
2.4.7 Reset Application Lock<br />
If a User has attempted to log in with incorrect details too many times, the <strong>Digipass</strong><br />
Application used may be locked, depending on Policy settings. This function can be used to set<br />
the record <strong>for</strong> the <strong>Digipass</strong> Application to the status of unlocked. This differs from User<br />
locking, as the User may still log in with a different <strong>Digipass</strong>.<br />
2.4.8 Test a <strong>Digipass</strong> Application<br />
Use this function to check that a <strong>Digipass</strong> Application is working as expected. There is also a<br />
function to test the Backup Virtual <strong>Digipass</strong> functionality.<br />
© 2005 VASCO Data Security <strong>In</strong>c. 36