Biometric
  • 24 Mar 2023
  • 1 Minute to read
  • Contributors
  • Dark
    Light
  • PDF

Biometric

  • Dark
    Light
  • PDF

Article summary

Biometric

Features

The biometric authentication type can be configured as a primary or secondary authentication technology to sign into ExactAccess SSO. During enrollment, the user will provide their directory service password to maintain pass-through authentication scenarios.

WARNING

Proximity cards cannot be used when Biometric is configured for primary authentication.

Configuration - Setting biometric as the primary authentication method

  1. Log-in as a Local Administrator to the workstation you would like to make changes on.

    1. The Client Configuration Tool will only run under an account with Local Administrator privileges.
  2. Navigate to the Windows® Start menu> All Programs > HealthCast > ExactAccess > Utilities > Configuration > Client Configuration and choose Kiosk Mode.
    image.png

  3. To enable fingerprint support, select "Fingerprint" from the Primary Authentication Method drop-down box located in the section titled Other.

  4. To change server or refresh policies, select the Biometric tab and configure as needed.
    image.png

    IMPORTANT

    This setting should already have a value present after running the RapidIdentity plug-in for Biometrics installation, but can be updated here. If this value is blank, ensure the RapidIdentity plug-in for Biometrics installation has been completed.

    Here you can select to enable the fingerprint support. Biometric readers supported include the EikonTouch-710 and IMP-1C.

    It will be necessary to synchronize the policies configured on the MFA server for the workstation to the MFA client components used for authentication with Biometrics. This includes the device driver name, the MFA server name, and server timeout values. Other values may be retrieved as needed. See MFA Policies for more information.

    NOTE

    Not all policies are applicable, or will be used by the XA Client.

  5. Click OK.

  6. Lock or Logoff of ExactAccess for this setting to take effect.

Enrolling Users

See RapidIdentity MFA Client for installation and MFA Enrollment Workstation for information on enrolling users in the Biometric Solution.

Authentication plugins

To manually set the primary authentication method to biometric, set the following registry value:

HKEY_LOCAL_MACHINE\SOFTWARE\HealthCast\ExactAccess\XAServerManager
ClientDSProgID: reg_sz = "XAPWENCShell.clsXAPWENCShell"

Possible Values:
**NTKMDSUser.clsNTKMDSUser** - prompt for user name and password
**XAPWENCShell.clsXAPWENCShell** - prompt for fingerprint biometric
ClientDSProgIDAlt: reg_sz = "XAPWENCShell.clsXAPWENCShell"
KioskPlugin: reg_sz = "IA.XA.Biometric"

Was this article helpful?