Defender - Aladdin eToken NG-OTP

Transcription

Defender - Aladdin eToken NG-OTP
Defender - Aladdin eToken NG-OTP
This document describes how to program and use the Aladdin eToken NG-OTP.
Note: To program or authenticate using the Aladdin eToken NG-OTP the required Aladdin Client
software environment must be installed on both the server used to program the tokens, and the
client workstations.
Before following these instructions you should ensure that the eToken has been initialized and the
eToken password is available. The default password for the Aladdin eToken is usually set to
1234567890.
How to Program the Aladdin eToken NG-OTP
The Aladdin eToken is programmed individually using the Defender USB token programming
option. No token import file is required.
1) Using Active Directory Users & Computers (ADUC), open the Properties dialog for the
required user and select the Defender tab.
2) Select Program to start the Token Programming Wizard.
3) Click Next to display the Token Types dialog.
Defender How To Program the Aladdin eToken NG-OTP
4) Select Defender USB.
5) Select Next.
6) In the Current PIN field, enter the user password that was initialized on the eToken.
The Initial PIN can be the same as the Current PIN or, if you are changing the Initial PIN,
it must match the password security requirements for the eToken, for example, consist of at
least 8 characters and include upper and lower case letters, punctuation marks and numbers
in random order.
The Initial PIN value will be used by the user as their token passphrase when using the
eToken with the Defender Desktop Token software.
7) Select Next.
2
Defender How To Program the Aladdin eToken NG-OTP
8) Select Next.
9) Ensure that your Aladdin eToken is available and select Continue.
10) The token has been programmed. Select Continue.
3
Defender How To Program the Aladdin eToken NG-OTP
11) The token details are written to Active Directory. Select Continue to complete the token
programming procedure.
12) Select Finish.
13) The Aladdin eToken has now been programmed and assigned to the users account.
4
Defender How To Program the Aladdin eToken NG-OTP
Distributing the Token
The Aladdin eToken NG-OTP is now ready for distribution to the user. The user will also need to
know the PIN (passphrase) configured on the eToken as this will be used as the PIN for the token
when used with the Defender Desktop Token software. Please refer to the instructions below for
information on authenticating with the eToken.
Troubleshooting / Tips
If the token cannot be programmed, ensure that the eToken has been initialized using the PKI
Client. The configured user’s password on the eToken is used as the Current PIN value during the
token programming wizard.
Authenticating with the Aladdin eToken NG-OTP
The Aladdin eToken NG-OTP can be used as an OTP (One-Time Password) device which displays the
next token response in the window when the button on the eToken is pressed. Alternatively, the
eToken can be used as a USB device together with Quest’s Defender Desktop Token software. This
process in described in the following steps.
Pre-requisites
•
Defender Desktop Token Software Update 20090505 (version 5.3.0.571) or later
•
Aladdin PKI Client v4.55 or later
Authentication
To generate the token response (OTP) from your Aladdin eToken:
1. Insert the Aladdin eToken NG-OTP into a USB port on your workstation.
2. Open the Defender Desktop Token application.
3. The Defender Desktop Token software will recognize the Aladdin eToken as an attached
device and the token can then be used in the same way as a standard Windows Desktop
Token.
4. Enter the PIN (passphrase) provided by your administrator in the Passphrase field.
5. Select OK.
5
Defender How To Program the Aladdin eToken NG-OTP
6. Select Get Response.
7. Select OK and then press the button on the Aladdin eToken NG-OTP. The
next token response is then generated and displayed.
To access the Defender Desktop Token interface, select Tokens in the Enter
Passphrase dialog to display the interface as shown below:
The interface can be used to change the currently configured passphrase and view the token
properties. Please refer to the Defender Software Token User Guide for further information.
© 2012 Quest Software, Inc. ALL RIGHTS RESERVED.
Quest, Quest Software, the Quest Software logo and Webthority are trademarks and registered trademarks of
Quest Software, Inc. in the United States of America and other countries. Other trademarks and registered
trademarks are property of their respective owners.
6