- 24 Mar 2023
- 1 Minute to read
- Contributors
- DarkLight
- PDF
Biometric
- Updated on 24 Mar 2023
- 1 Minute to read
- Contributors
- DarkLight
- PDF
Biometric
Features
The biometric authentication type can be configured as a primary or secondary authentication technology to sign into ExactAccess SSO. During enrollment, the user will provide their directory service password to maintain pass-through authentication scenarios.
Proximity cards cannot be used when Biometric is configured for primary authentication.
Configuration - Setting biometric as the primary authentication method
Log-in as a Local Administrator to the workstation you would like to make changes on.
- The Client Configuration Tool will only run under an account with Local Administrator privileges.
Navigate to the Windows® Start menu> All Programs > HealthCast > ExactAccess > Utilities > Configuration > Client Configuration and choose Kiosk Mode.
To enable fingerprint support, select "Fingerprint" from the Primary Authentication Method drop-down box located in the section titled Other.
To change server or refresh policies, select the Biometric tab and configure as needed.
IMPORTANTThis setting should already have a value present after running the RapidIdentity plug-in for Biometrics installation, but can be updated here. If this value is blank, ensure the RapidIdentity plug-in for Biometrics installation has been completed.
Here you can select to enable the fingerprint support. Biometric readers supported include the EikonTouch-710 and IMP-1C.
It will be necessary to synchronize the policies configured on the MFA server for the workstation to the MFA client components used for authentication with Biometrics. This includes the device driver name, the MFA server name, and server timeout values. Other values may be retrieved as needed. See MFA Policies for more information.
NOTENot all policies are applicable, or will be used by the XA Client.
Click OK.
Lock or Logoff of ExactAccess for this setting to take effect.
Enrolling Users
See RapidIdentity MFA Client for installation and MFA Enrollment Workstation for information on enrolling users in the Biometric Solution.
Authentication plugins
To manually set the primary authentication method to biometric, set the following registry value:
HKEY_LOCAL_MACHINE\SOFTWARE\HealthCast\ExactAccess\XAServerManager
ClientDSProgID: reg_sz = "XAPWENCShell.clsXAPWENCShell"
Possible Values:
**NTKMDSUser.clsNTKMDSUser** - prompt for user name and password
**XAPWENCShell.clsXAPWENCShell** - prompt for fingerprint biometric
ClientDSProgIDAlt: reg_sz = "XAPWENCShell.clsXAPWENCShell"
KioskPlugin: reg_sz = "IA.XA.Biometric"