-
Votes
3
Disable modification of automatically enrolled Authenticators in the ...
Some Authenticators are automatically created by Advanced Authentication, e.g. LDAP password. If you click on the Authenticator in the Self-Service portal, the Edit page ...
Comments (1) | by: Andreas H. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualization
-
Votes
3
Want a way to get a report on linked credentials
So want to know is there a way to get a report on linked credentials 2018-10-04T14:18:38.864705 (UTC+0000)+00:00 aafapp CEF:0|AAA|Core|5.0|101|User was successfully ...
Comments (3) | by: Kevin P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
13
Windows Client Login offline Master token
When we install the Windows Client on a device, we can enable the Offline login to permit the user to access their computer when they do not have access to internet. ...
Comments (3) | by: Hugo D. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
8
Extend Radius server by PEAP support
Currently Radius server supports only PAP while new (esp. mobile) devices use PEAP. It's the reason customers may not use AA for Radius & mobile device combination and ...
Comments (1) | by: Dariusz L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
2
Add Gemalto Safenet Seedfile format
We have a customer wanting to replace a 350 user Gemalto Token Solution for Citrix Netscaler Login. They would like to keep on using the token hardware but Gemalto has a ...
Comments (2) | by: Hauke B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
11
Allow more than one smartphone\PKI card for user
We want to be able to use more than one smartphone\PKI card authenticators. For example, user has more than one smartphone and he want to be able to authenticate using ...
Comments (2) | by: Tomer A. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
3
Reduce privileges for device service on Windows
Hello, When device service is installed on Windows, it installs a windows service that runs with local\system account permissions. We want to be able to run it using a ...
Comments (2) | by: Tomer A. | over a year ago | Last activity over a year ago | Status changed over a year ago | Installation/Deployment
-
Votes
5
Brute force / BOT Attack and Data leakage Prevention
A change in authentication flow can help prevent brute force bot attacks: 1. Information leakage - valid usernames & passwords discovery 2. User lockout due to bad ...
Comments (3) | by: Paul M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
3
Native U2F Support beyond chrome browser
Since chrome support for FIDO U2F was added some time ago but now other browsers like Firefox support it as well. While it does work if enabled manually on older firefox ...
Comments (1) | by: Paul M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Supported Platforms
-
Votes
2
Remember the last chain used to authenticate to the workstation
Current situation: When a user attempts to authenticate to a Windows workstation, the chains are displayed in the order that they were added in to the event in. Desired ...
Comments (1) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
11
Certificate filter - Hide expired certificates
Please hide expired certificates in the "certificate list" during the PKI enrollment
Comments (2) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
1
only allow smartphone to access from the internet
Some, especially small companies, do not have a SPI-firewall or reverseproxy-server. Nobody should get access to the AA server from the internet, except...Smartphones. ...
Comments (1) | by: Sander F. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
7
Kerberos Authentication for internal AD users
It would be great, if we could allow internal AD members Kerberos integrated authentication.
Comments (3) | by: Werner H. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
4
view only admin category
In the Admin UI there's currently no way to configure a "view only" account. Therefore a new role should be introduced so that a user can login on the Admin UI to reflect ...
Comments (3) | by: Frank S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Set CEF log forward policy per site
We want to forward the CEF logs to our enterprise logging solution that has data collectors all over the globe. It would be desirable to set the Syslog destination on a ...
Comments (1) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Multiple NAS Identifiers in a single RADIUS event
Request: We would like to assign multiple NAS Identifiers to a single RADIUS event. Use case: We have F5 BIG IP load balancer to balance RADIUS traffic to our web ...
Comments (1) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Extend REST-API - Assign User to existing OTP Token or Bulk import
Please add these two functions in the Rest-API 1) Assign Users to an Existing OTP Token which is imported 2) Import for OTP tokens with Serialnumber & set a flag to make ...
Comments (4) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
9
Ability to deactivate self enrollment for specific methods
In some cases it is desirable if a admin can configure that it is not possible for an user to (over)write specific methods in the self enrollment. For more flexibillity ...
Comments (1) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
4
Ability to select a 'local' export when importing a database
Current situation: When importing a database, you must define a http or ftp location of the backup. Desirable situation: When importing a database, I should be able to ...
Comments (0) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Planned
6
search field for locked user for the helpdesk portal / ability to ...
It would be a good to add these two features. 1) Add search field to search for users in the locked users-list 2) If a user will be opened in the help desk (where you can ...
Comments (1) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration