• Votes

    6

    Event Based Lockout Policies

    We would like to see event based lockout policies with the ability to configure different lockout attempt thresholds and durations and not effect other events for the ...

  • Planned

    3

    A way to delete OATH seed-files more than one per selection.

    A way to delete OATH seed-files more than one per selection. If we would get a checkbox for the selection of the file to be deleted. To delete several Seed-files at once.

  • Votes

    1

    Adding parameters to MSI properties - NAAF Device Service MSI Package

    We would like to install device service and change these 2 custom parameters: pki.vendorModule pki.forceVirtualChannels Is it possible that you will add these ...

  • Votes

    4

    Allow the servers used by a repository to be configured on one site ...

    Current situation: The configuration for a repository is replicated to each site except for the servers. It requires the administrator set the servers on each site and ...

  • Planned

    6

    Hide offline OTP option if offline OTP is disabled in Smartphone ...

    Current situation: When offline OTP is disabled for the Smartphone method, the user is still presented the ability to authenticate with the offline OTP at the AAF web ...

  • Votes

    7

    Let's change eToken/Smartcard password on credential provider

    Now there is no possibility to change the eToken password at the credential provider. if the password is expired the user has to phone the Helpdesk to create a emergency ...

  • Votes

    1

    accept only PKI keys from trusted CAs

    Add an option to disable the item "Generate a key pair" when the user register a PKI token, and let users only select a valid certificate from the token. This would be ...

  • Votes

    5

    Separate out application logs into it's own tab/file

    Current situation: Application logs (in CEF) are written to Syslog. Syslog also has OS-related information written to it. It is sometimes difficult to find certain ...

  • Votes

    2

    Remember the last chain used to authenticate to the workstation

    Current situation: When a user attempts to authenticate to a Windows workstation, the chains are displayed in the order that they were added in to the event in. Desired ...

  • Votes

    11

    Certificate filter - Hide expired certificates

    Please hide expired certificates in the "certificate list" during the PKI enrollment

  • Votes

    1

    only allow smartphone to access from the internet

    Some, especially small companies, do not have a SPI-firewall or reverseproxy-server. Nobody should get access to the AA server from the internet, except...Smartphones. ...

  • Votes

    4

    view only admin category

    In the Admin UI there's currently no way to configure a "view only" account. Therefore a new role should be introduced so that a user can login on the Admin UI to reflect ...

  • Votes

    5

    Set CEF log forward policy per site

    We want to forward the CEF logs to our enterprise logging solution that has data collectors all over the globe. It would be desirable to set the Syslog destination on a ...

  • Votes

    2

    Multiple NAS Identifiers in a single RADIUS event

    Request: We would like to assign multiple NAS Identifiers to a single RADIUS event. Use case: We have F5 BIG IP load balancer to balance RADIUS traffic to our web ...

  • Votes

    9

    Ability to deactivate self enrollment for specific methods

    In some cases it is desirable if a admin can configure that it is not possible for an user to (over)write specific methods in the self enrollment. For more flexibillity ...

  • Votes

    4

    Ability to select a 'local' export when importing a database

    Current situation: When importing a database, you must define a http or ftp location of the backup. Desirable situation: When importing a database, I should be able to ...

  • Planned

    6

    search field for locked user for the helpdesk portal / ability to ...

    It would be a good to add these two features. 1) Add search field to search for users in the locked users-list 2) If a user will be opened in the help desk (where you can ...

  • Votes

    5

    Option to hide QR Code in TOTP enrollment

    It would be a good feature if there is an option to disable the QR-Code or hide the QR Code, if TOTP method is enrolled. If a user re-open an enrolled T-OTP over the ...

  • Votes

    3

    NAAF Client 5.6 should get the language for a parameter that it can be ...

    NAAF Client 5.6 should get the language for a parameter that it can be changed by the end user. In our case the system locale can only be changed by the administrator and ...

  • Votes

    2

    When chains are created and user enrolls force that the chain must ...

    While on POC customer enrolled Bluetooth and Proxcard. They then logged out and only had LDAP Password. They were surprised and asked if when they are chained like this ...