• Planned

    5

    Modify Client Login Extension

    We would like to request the client login extension link be shown before chain selection in the Windows agent. Currently it only shows up if the user selects the LDAP ...

  • Votes

    5

    Ability to install Export file from Console as root

    Customer has AA Appliances inside DMZ and unable to import from a web or ftp server. Would like ability to install from console to a UNC path. Even better allow to ...

  • Planned

    10

    Determine RADIUS event by client IP address

    In a situation where an environment has multiple RADIUS events, the RADIUS event that is intended to be used by the connecting RADIUS client is determined by the ...

  • Votes

    3

    Ability to link AAF v6.x Configuration portal and Desktop OTP app to ...

    In multiple conversations with clients there is often the question around how does the NetIQ Smartphone App compares with Google authenticator and often enough the ...

  • Votes

    6

    Support RADIUS Authentication Methods CHAP and MS-CHAP

    Our IT-Security Department forbid the usage of PAP because of severe security issues. Please support at least MS-CHAP, otherwise we can't use the AA RADIUS for our ...

  • Votes

    5

    Windows Client set default Domain in config.properties

    Add an option to the Windows Client to set a default Domain in config.properties. Example: defaultDomain: DOMAINNAME Expected behaviour: The user types USERNAME (without ...

  • Votes

    3

    implement repository search order

    In an environment with multiple repositories, it should be possible to define a search order for the repository. The first match wins should be used for authentication. ...

  • Votes

    9

    Add a "password never expires" option for the local user repository

    We need this option for the local Admin Account. The local Admin Account's password expires as any other user account. Please add a "password never expires" option to the ...

  • Votes

    1

    Custom VOICE OTP Sender

    Hello, We will like to have the ability to use our own Voice OTP senders. Currently only Twilio is supported.

  • Votes

    1

    OTP Support Multiple Languages

    Hello, We want to be able to send SMS OTP in multiple languages. It will be great if we will be able to map a LDAP attribute for user proffered language, and the AAF ...

  • Votes

    2

    Support for code obfuscation

    The idea is to provide support for code obfuscation at the SDK for mobile app's. Mainly for commercial products like DexGuard. Some costumers has internal security ...

  • Votes

    16

    Synchronizing changes from mobile devices back to AAF server

    After deleting the smartphone authenticator, the template within the native application (NetIQ Advanced Authentication) is also deleted at the AAF start page (/Account, ...

  • Votes

    10

    Automatic Logout with countdown display

    To make sure that users do not leave their session unattended, an automatic logout, which you can optionally enable and set up a time interval (5, 10, 15) minutes as an ...

  • Votes

    7

    TOTP on Smartwatch

    Currently it is the case that the request for a TOTP via the smartphone also appears on a SmartWatch, but only as a message. It would be great if you could confirm the ...

  • Planned

    7

    Allow Windows Client (and Linux/Mac) to set locale in ...

    We have the need for certain Windows clients to have a specific locale set in the config.properties file. This should override the OS locale.

  • Votes

    6

    Use STARTTLS for LDAP-based repositories

    LDAP supports STARTTLS to encrypt communications using TLS. STARTTLS begins as a plaintext connection over the standard LDAP port (389), and that connection is then ...

  • Votes

    13

    Allow SSO from AFF to NAM

    It would be great to allow AFF SSO to NAM. The idea: having the AAF Client installed on a workstation and authenticate during the windows login to AFF. Then AAF ...

  • Votes

    10

    Ability for caching shared (linked) authenticators

    In reference to SR#101184179111 Today, AAF is not able to cache credentials on windows,linux, macos for users they are using shared (linked) authenticators. Please ...

  • Votes

    14

    Email notification when an authenticator is enrolled, modified, or ...

    When a user or help desk agent enrolls, modifies, or deletes a user's authenticator, there is no notification to the user of this activity. This means that users' ...

  • Votes

    5

    Using the Smartphone app push notification to Accept/Decline ...

    During enrollment, we don't have a notification of the enrollment process that is acknowledged by the user being enrolled. So far the methods we have assume that the ...