docDefender - Aladdin eToken NG-OTP
download 
Report Transcription
Defender - Aladdin eToken NG-OTP
Defender - Aladdin eToken NG-OTP This document describes how to program and use the Aladdin eToken NG-OTP. Note: To program or authenticate using the Aladdin eToken NG-OTP the required Aladdin Client software environment must be installed on both the server used to program the tokens, and the client workstations. Before following these instructions you should ensure that the eToken has been initialized and the eToken password is available. The default password for the Aladdin eToken is usually set to 1234567890. How to Program the Aladdin eToken NG-OTP The Aladdin eToken is programmed individually using the Defender USB token programming option. No token import file is required. 1) Using Active Directory Users & Computers (ADUC), open the Properties dialog for the required user and select the Defender tab. 2) Select Program to start the Token Programming Wizard. 3) Click Next to display the Token Types dialog. Defender How To Program the Aladdin eToken NG-OTP 4) Select Defender USB. 5) Select Next. 6) In the Current PIN field, enter the user password that was initialized on the eToken. The Initial PIN can be the same as the Current PIN or, if you are changing the Initial PIN, it must match the password security requirements for the eToken, for example, consist of at least 8 characters and include upper and lower case letters, punctuation marks and numbers in random order. The Initial PIN value will be used by the user as their token passphrase when using the eToken with the Defender Desktop Token software. 7) Select Next. 2 Defender How To Program the Aladdin eToken NG-OTP 8) Select Next. 9) Ensure that your Aladdin eToken is available and select Continue. 10) The token has been programmed. Select Continue. 3 Defender How To Program the Aladdin eToken NG-OTP 11) The token details are written to Active Directory. Select Continue to complete the token programming procedure. 12) Select Finish. 13) The Aladdin eToken has now been programmed and assigned to the users account. 4 Defender How To Program the Aladdin eToken NG-OTP Distributing the Token The Aladdin eToken NG-OTP is now ready for distribution to the user. The user will also need to know the PIN (passphrase) configured on the eToken as this will be used as the PIN for the token when used with the Defender Desktop Token software. Please refer to the instructions below for information on authenticating with the eToken. Troubleshooting / Tips If the token cannot be programmed, ensure that the eToken has been initialized using the PKI Client. The configured user’s password on the eToken is used as the Current PIN value during the token programming wizard. Authenticating with the Aladdin eToken NG-OTP The Aladdin eToken NG-OTP can be used as an OTP (One-Time Password) device which displays the next token response in the window when the button on the eToken is pressed. Alternatively, the eToken can be used as a USB device together with Quest’s Defender Desktop Token software. This process in described in the following steps. Pre-requisites • Defender Desktop Token Software Update 20090505 (version 5.3.0.571) or later • Aladdin PKI Client v4.55 or later Authentication To generate the token response (OTP) from your Aladdin eToken: 1. Insert the Aladdin eToken NG-OTP into a USB port on your workstation. 2. Open the Defender Desktop Token application. 3. The Defender Desktop Token software will recognize the Aladdin eToken as an attached device and the token can then be used in the same way as a standard Windows Desktop Token. 4. Enter the PIN (passphrase) provided by your administrator in the Passphrase field. 5. Select OK. 5 Defender How To Program the Aladdin eToken NG-OTP 6. Select Get Response. 7. Select OK and then press the button on the Aladdin eToken NG-OTP. The next token response is then generated and displayed. To access the Defender Desktop Token interface, select Tokens in the Enter Passphrase dialog to display the interface as shown below: The interface can be used to change the currently configured passphrase and view the token properties. Please refer to the Defender Software Token User Guide for further information. © 2012 Quest Software, Inc. ALL RIGHTS RESERVED. Quest, Quest Software, the Quest Software logo and Webthority are trademarks and registered trademarks of Quest Software, Inc. in the United States of America and other countries. Other trademarks and registered trademarks are property of their respective owners. 6
