• Votes

    2

    Offline mode: Allow computer to fail open

    Currently: If a user is offline, and if he has lost/broken one authenticator (if 2FA deployed with 'something you know' + 'something you have'), he can't login to his ...

  • Votes

    2

    Radius only return the CN from the group name

    Some customers have trouble with specific VPN Solutions from Cisco or Watchguard. Because with this tools it seems that there is a limitation for the group name field (as ...

  • Votes

    2

    Netiq Mobile Application for Smartphones

    Can we have an Option for, after a rollout the Application via AirWatch have a way for Auto Accept the EULA.

  • Votes

    2

    Remember the last chain used to authenticate to the workstation

    Current situation: When a user attempts to authenticate to a Windows workstation, the chains are displayed in the order that they were added in to the event in. Desired ...

  • Votes

    2

    Apply Advanced authentication by IP or wireless network (Windows ...

    Hi Our client asks if the second factor can be applied only to users who are out of the office. They have the NAAF client installed on their Surface equipment and they ...

  • Votes

    2

    Multiple NAS Identifiers in a single RADIUS event

    Request: We would like to assign multiple NAS Identifiers to a single RADIUS event. Use case: We have F5 BIG IP load balancer to balance RADIUS traffic to our web ...

  • Votes

    2

    When chains are created and user enrolls force that the chain must ...

    While on POC customer enrolled Bluetooth and Proxcard. They then logged out and only had LDAP Password. They were surprised and asked if when they are chained like this ...

  • Votes

    2

    Smooth transition of authenticators: no need to re-enrolment when ...

    This is future request . Migrate the authenticators for already enrolled users who are migrated from existing MS AD domain to the new MS AD domain without all those ...

  • Votes

    2

    Once a user has enrolled methods provide option to turn off LDAP ...

    On a customer POC and they have Bluetooth and PIN as well as Proxcard and PIN enrolled however they still see LDAP Password as a method when logging into Desktop. They ...

  • Votes

    2

    Use Case: Workers will be on a ship or out of office for 1 – 6 months, ...

    We have this for NSL and would like to see same option for AA cached credentials

  • Votes

    1

    Automatic configuration Script

    For a typical GM installation with AD, Radius, and say Smartphone, there are actually not so many parameters to do the installation. It still takes many steps, and things ...

  • Votes

    1

    Syslog message when user account is locked by AAF application

    It would be beneficial to have a syslog event generated when a user account is locked by AAF using the Lockout Policy. We created a Lockout Policy designed to lock a ...

  • Votes

    1

    Retrieve and accept user names in different format

    Some applications/systems use naming schema different then simple username. Good example might be FUDO running in "bastion" mode. In that case username consists of two ...

  • Votes

    1

    Enable user exception group list in Geo-Fencing

    For example for “Singapore” & “Malaysia” group = user1, user2, user3, but for “China” group = user1 only & user2, user3 is deny access.

  • Votes

    1

    Allow a "Recycle" button on Card Search

    Customer has people that provide and receive temp badges. They would like a quick and easy way to un-associate a card from a user in a single click. I do have a mock up ...

  • Votes

    1

    only allow smartphone to access from the internet

    Some, especially small companies, do not have a SPI-firewall or reverseproxy-server. Nobody should get access to the AA server from the internet, except...Smartphones. ...

  • Votes

    1

    accept only PKI keys from trusted CAs

    Add an option to disable the item "Generate a key pair" when the user register a PKI token, and let users only select a valid certificate from the token. This would be ...

  • Votes

    1

    Adding parameters to MSI properties - NAAF Device Service MSI Package

    We would like to install device service and change these 2 custom parameters: pki.vendorModule pki.forceVirtualChannels Is it possible that you will add these ...

  • Votes

    1

    Disallow user to scan QR code if user has enrolled already

    By disable the re-enrollment function, user not able to rescan (by click the Save button) and delete the enrolled authenticator (By click the delete button) Can the ...

  • Votes

    1

    QR code generator

    Automatically generate QR for manually write seed/secret. After refresh page or immediately when written in box. Or add section to web management with this functionality. ...