-
Votes
2
Offline mode: Allow computer to fail open
Currently: If a user is offline, and if he has lost/broken one authenticator (if 2FA deployed with 'something you know' + 'something you have'), he can't login to his ...
Comments (0) | by: Jerome M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
1
Syslog message when user account is locked by AAF application
It would be beneficial to have a syslog event generated when a user account is locked by AAF using the Lockout Policy. We created a Lockout Policy designed to lock a ...
Comments (0) | by: Jerome M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Allow for customization of labels when AD password is not sync
Typically, when you change your AD password, you have a message displayed after you successfully logon (OS or Mac Logon) which indicates: ‘"Enter password for sync". We ...
Comments (1) | by: Jerome M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
9
Add a "password never expires" option for the local user repository
We need this option for the local Admin Account. The local Admin Account's password expires as any other user account. Please add a "password never expires" option to the ...
Comments (0) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
implement repository search order
In an environment with multiple repositories, it should be possible to define a search order for the repository. The first match wins should be used for authentication. ...
Comments (6) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Windows Client set default Domain in config.properties
Add an option to the Windows Client to set a default Domain in config.properties. Example: defaultDomain: DOMAINNAME Expected behaviour: The user types USERNAME (without ...
Comments (1) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
6
Support RADIUS Authentication Methods CHAP and MS-CHAP
Our IT-Security Department forbid the usage of PAP because of severe security issues. Please support at least MS-CHAP, otherwise we can't use the AA RADIUS for our ...
Comments (1) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
3
Windows Client Debug Log logrotate
You can enable client debug logging by setting logenabled=true in the config.properties. But the logfiles will grow and grow. Please add an option to enable some kind ...
Comments (0) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Support for code obfuscation
The idea is to provide support for code obfuscation at the SDK for mobile app's. Mainly for commercial products like DexGuard. Some costumers has internal security ...
Comments (0) | by: Jorge P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Supported Platforms
-
Votes
3
Remove validation of phone numbers to check for "+"
For the users to use the SMS OTP, AA validates the phone number when the phone number does not exist and the user enters the phone number. This validation is is done for ...
Comments (1) | by: Rohit K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
4
Dynamic SMS gateway
If there are more than one SMS gateways being used by an organization, there needs to be a dynamic configuration available for the same. The current example can if the ...
Comments (0) | by: Rohit K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
1
Enhance shared authenticators to allow RSA Tokens.
As stated in the online documentation, the list of authenticators that can be shared is currently limited to TOTP, HOTP, Password, Fingerprint, Card, and FIDO U2F. ...
Comments (0) | by: Don S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Supported Platforms
-
Votes
2
Add “SecureLogin” event to list of default events in Advanced ...
Advanced Authentication should include a generic event called “SecureLogin” in its list of default events. It would also be helpful if SecureLogin were to use this event ...
Comments (0) | by: Don S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
Offline Help Doc
Some clients (US Federal) have systems that cannot access internet and need to see Offline Help Files. Cannot get to https://netiq.com/documentation/.
Comments (2) | by: Bryan W. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
5
Help Desk "Change User"
Currently need to click on 'username' to get to 'change user'. Not as intuitive for new users. Can it be a separate button on top to click?
Comments (2) | by: Bryan W. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualization
-
Votes
3
Radius Client Method - Disable Username Management
Make it possible to turn username management off for the radius client method. --> Via the enrollment portal the user has the ability to change the username that is ...
Comments (0) | by: Bart A. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
9
Smartphone App: copy the OTP code to the clipboard
By tapping the OTP code it is possible to copy the OTP code to the clipboard so it is easy to paste in other apps.
Comments (2) | by: Bart A. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualization
-
Votes
5
Disable/remove save button when (smartphone) method is enrolled, ...
The save button is confusing for users if the method is already enrolled. Deleting an re-adding the method is easier to explain to users, especially if "Enroll TOTP ...
Comments (2) | by: Bart A. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualization
-
Votes
3
Allow multifactor when enrolling smartphone via /smartphone/enroll url ...
As an Administrator of AAf, admin should be able to add MFA for direct smartphone enrollment url as well. Currently, the product (AAf 6.2) support direct smartphone ...
Comments (1) | by: Micky R. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Support for Configuring SMS Sender Policy Using a JSON Body or CURL ...
Currently when configuring the SMS Sender policy we only support submitting parameters in the http request URL. I was working with a customer that uses Avaya as their ...
Comments (0) | by: Eric L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration