aXsGUARD Gatekeeper Single Sign-On Utility (SSO) - Vasco
aXsGUARD Gatekeeper Single Sign-On Utility (SSO) - Vasco
aXsGUARD Gatekeeper Single Sign-On Utility (SSO) - Vasco
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>aXsGUARD</strong> <strong>Gatekeeper</strong> <strong>Single</strong> <strong>Sign</strong>-<strong>On</strong> <strong>Utility</strong> (<strong>SSO</strong>) How To v1.6 Concept and Features<br />
2.5 Installation Modes<br />
2.5.1 Domain Mode<br />
The <strong>SSO</strong> Authentication <strong>Utility</strong> can be installed using the following modes:<br />
The Windows Domain Mode: <strong>On</strong>ly applies to Windows clients.<br />
The Workgroup Mode: Applies to Windows and Linux clients.<br />
The <strong>aXsGUARD</strong> <strong>Gatekeeper</strong> <strong>SSO</strong> Authentication <strong>Utility</strong> is designed to be integrated with a Microsoft Windows<br />
Domain. <strong>aXsGUARD</strong> <strong>Gatekeeper</strong> Firewall and Web Access rights are granted based on the provided Windows<br />
Domain (AD) credentials. The user is automatically authenticated with the <strong>aXsGUARD</strong> <strong>Gatekeeper</strong> after<br />
successfully logging on to the Domain. The Windows Domain has to be be listed in the <strong>aXsGUARD</strong><br />
<strong>Gatekeeper</strong>'s allowed domains (see section 3.2). The Domain Mode can only be used on Windows clients.<br />
Note<br />
2.5.2 Workgroup Mode<br />
In Domain Mode, the <strong>aXsGUARD</strong> <strong>Gatekeeper</strong> user name has to be identical to the Active<br />
Directory user name.<br />
The <strong>aXsGUARD</strong> <strong>Gatekeeper</strong> <strong>SSO</strong> Authentication <strong>Utility</strong> can also be used without a Microsoft Domain on<br />
Windows and Linux clients. This is referred to as Workgroup Mode. The <strong>SSO</strong> <strong>Utility</strong> allows you to create<br />
multiple profiles for different users and / or locations. You can set a default user profile, which is automatically<br />
activated after logging on to the PC. The Workgroup Mode offers several possibilities:<br />
You can store the user credentials in a user profile: The <strong>aXsGUARD</strong> <strong>Gatekeeper</strong> user credentials are<br />
stored locally on the PC.<br />
Enforce Password Authentication: If you company policy prevents you from storing passwords locally, you<br />
can leave the password field blank. As a result, the user is required to authenticate after logging on to<br />
Windows (see section).<br />
Enforce VASCO Digipass Authentication: Rather than using a regular password as explained above, it is<br />
much more secure to use a <strong>On</strong>e-Time Password (OTP) generated by a DIGIPASS. For more information<br />
about Digipass Authentication, consult the <strong>aXsGUARD</strong> <strong>Gatekeeper</strong> Authentication How To, which can be<br />
accessed by clicking on the permanently available Documentation button.<br />
Caution<br />
Do not store the password in a user profile when using Digipass Authentication.<br />
© 2009 - VASCO Data Security 13