Which Methods can be used with AAVerify? Can I force a user to logon with a fingerprint for example?

  • 7940301
  • 19-Aug-2009
  • 26-Apr-2012

Environment

SecureLogin
SecureLogin SSO
All Versions
MS AD, LDAP, NT4, Citrix, Terminal Services

Situation

Which Methods can be used with AAVerify? Can I force a user to logon with a fingerprint?

Resolution

Note: Information on AAVerify is also in the SecureLogin SSO scripting guide.

SecureLogin SSO’s AAVerify command can enforce strong security on applications and functions that are unable to do so natively. The command can only be used in conjunction with SecureLogin Advanced Authentication (SLAA) or Novell Modular Authentication Services (NMAS). For it to work, you must have installed and configured SecureLogin SSO and EITHER NMAS or SLAA.

By default (or if ""All"" method is specified) the method requested can be any of the methods the user has been granted under their logon method policies.

The Administrator can instruct SecureLogin to request a particular logon method using the -Method switch. It is extremely powerful. For example, a user could be prompted to logon to eMail with a token and to the finance system with a Smartcard if both methods have been configured.

An example of the way the command can be used is in the section of the script below;

 #====================================================== # Logon Prompt # If the user’s fingerprint is verified, logon via SSO # If verification is cancelled, the screen is locked #====================================================== Dialog Title ""Log in"" Class #32770 EndDialog AAVerify –Method ""Biometric"" ?Result If ?Result Eq ""True"" SetPrompt ""Notes Password ===>"" Type $Password #280 Click #1 Else Run ""c:\windows\system32\rundll32.exe""""user32.dll,LockWorkStation"" EndIf 

Methods supported include;

// Any methods ""All"" (default if no method is passed) // Fingerprint ""Biometric"" // Smartcard ""Smartcard"" // VASCO Tokens ""Token"" // Static Password ""Password"" // Passphrase ""Passphrase"" // Platform Password (NT or eDir) ""DirectoryPassword"" // RSA SecureID ""SecureID""

Feedback service temporarily unavailable. For content questions or problems, please contact Support.