-
Votes
5
Rolling over RADIUS authentication
getting a possibility to check PIN + OTP on AA and once this is not accepting / valid fowarding the PIN and OTP to a 3rd party AAA server -> using then the Radius Client ...
Comments (1) | by: Frank S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
9
Ability that an enroll admin can only manage users from specific ...
Today every enroll admin can set or change methods for every user. This can be a security risk. We would like to have the ability that an enroll admin can only manage ...
Comments (1) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Add NAS-IP-Address to Radius event
Please add NAS-IP-Address (Attribut-Type 4) to Radius event. Because some Appliances (as example Cisco ASA) do not support NAS-Identifier.
Comments (0) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
10
Ability for caching shared (linked) authenticators
In reference to SR#101184179111 Today, AAF is not able to cache credentials on windows,linux, macos for users they are using shared (linked) authenticators. Please ...
Comments (2) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
9
Ability to deactivate self enrollment for specific methods
In some cases it is desirable if a admin can configure that it is not possible for an user to (over)write specific methods in the self enrollment. For more flexibillity ...
Comments (1) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
11
Certificate filter - Hide expired certificates
Please hide expired certificates in the "certificate list" during the PKI enrollment
Comments (2) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Option to hide QR Code in TOTP enrollment
It would be a good feature if there is an option to disable the QR-Code or hide the QR Code, if TOTP method is enrolled. If a user re-open an enrolled T-OTP over the ...
Comments (3) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Planned
6
search field for locked user for the helpdesk portal / ability to ...
It would be a good to add these two features. 1) Add search field to search for users in the locked users-list 2) If a user will be opened in the help desk (where you can ...
Comments (1) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
REST-API Allow other authentication methods for "Destroy endpount"
Today it is only possible to use PASSWORD:1 for Destroy Endpoint. We would like to have the ability to use other Methods like, LDAP_PASSWORD:1, TOTP:1, HOTP:1 etc.
Comments (0) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Radius only return the CN from the group name
Some customers have trouble with specific VPN Solutions from Cisco or Watchguard. Because with this tools it seems that there is a limitation for the group name field (as ...
Comments (1) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Ability to authenticate trough RADIUS if LDAP Passwor dis expired
Please provide an option to allow authentication trough RADIUS if LDAP Password is expired. Today: It is not possible to authenticate trough the radius event with a ...
Comments (0) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
12
MFA Smartphone native NetIQ App avoid additonal info after QR code ...
- Customer uses AAF Version: 5.6 and Access Manager 4.4. - Using the current version, an additonal info entry is offered after the scan of the QR code for an ...
Comments (3) | by: Karl P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
4
OTP Message should include a variable with the timestamp of the OTP
On version 5.6U1 the SMS OTP method allows for specific variables to be added as part of the message to be sent to the user. At the moment, only 4 variables are available ...
Comments (2) | by: Bruno U. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Ability to rename Interface field names (Especially the Interfaces ...
I have a customer that rolled out AAF for enterprise users with SMS and TOTP as their authentication mechanisms. On roll out they noticed that helpdesk started receiving ...
Comments (5) | by: Bruno U. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
Ability to link AAF v6.x Configuration portal and Desktop OTP app to ...
In multiple conversations with clients there is often the question around how does the NetIQ Smartphone App compares with Google authenticator and often enough the ...
Comments (0) | by: Bruno U. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
Provide option to disable the ability for the Enroll admin (Helpdesk) ...
Currently a helpdesk admin can enroll/remove enrollments for his/her own user and some clients do see this as a potential risk. Could we perhaps have a policy, similar to ...
Comments (0) | by: Bruno U. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Using the Smartphone app push notification to Accept/Decline ...
During enrollment, we don't have a notification of the enrollment process that is acknowledged by the user being enrolled. So far the methods we have assume that the ...
Comments (0) | by: Bruno U. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
AAF Desktop OTP tool improvements / new requirements
I have a customer in South Africa that is very interested in the functionality provided by the Desktop OTP tool but, AS IS, the Desktop OTP tool poses critical challenges ...
Comments (0) | by: Bruno U. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
4
PIN complexity requirements policy
There is a 'Rename to PIN' functionality in the 'Password' method. I observed that the complexity requirements policy - in this method - does not reflect this. For ...
Comments (1) | by: I e. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
Disallow modifications to the Email OTP authenticator method from end ...
There is no ability to disable modifications made to the Email OTP Authenticator via the end user portal. The end user is now able to edit the default email address for ...
Comments (3) | by: I e. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.
We love to hear your ideas for improving Advanced Authentication framework.
