Contents x
    Biometric
    • 24 Mar 2023
    • 1 Minute to read
    • Contributors
    • Dark
      Light
    • PDF
    Contents

    Biometric

    • Updated on 24 Mar 2023
    • 1 Minute to read
    • Contributors
    • Dark
      Light
    • PDF
    Article summary

    Biometric

    Features

    The biometric authentication type can be configured as a primary or secondary authentication technology to sign into ExactAccess SSO. During enrollment, the user will provide their directory service password to maintain pass-through authentication scenarios.

    WARNING

    Proximity cards cannot be used when Biometric is configured for primary authentication.

    Configuration - Setting biometric as the primary authentication method

    1. Log-in as a Local Administrator to the workstation you would like to make changes on.

      1. The Client Configuration Tool will only run under an account with Local Administrator privileges.

    2. Navigate to the Windows® Start menu> All Programs > HealthCast > ExactAccess > Utilities > Configuration > Client Configuration and choose Kiosk Mode.
      image.png

    3. To enable fingerprint support, select "Fingerprint" from the Primary Authentication Method drop-down box located in the section titled Other.

    4. To change server or refresh policies, select the Biometric tab and configure as needed.
      image.png

      IMPORTANT

      This setting should already have a value present after running the RapidIdentity plug-in for Biometrics installation, but can be updated here. If this value is blank, ensure the RapidIdentity plug-in for Biometrics installation has been completed.

      Here you can select to enable the fingerprint support. Biometric readers supported include the EikonTouch-710 and IMP-1C.

      It will be necessary to synchronize the policies configured on the MFA server for the workstation to the MFA client components used for authentication with Biometrics. This includes the device driver name, the MFA server name, and server timeout values. Other values may be retrieved as needed. See MFA Policies for more information.

      NOTE

      Not all policies are applicable, or will be used by the XA Client.

    5. Click OK.

    6. Lock or Logoff of ExactAccess for this setting to take effect.

    Enrolling Users

    See RapidIdentity MFA Client for installation and MFA Enrollment Workstation for information on enrolling users in the Biometric Solution.

    Authentication plugins

    To manually set the primary authentication method to biometric, set the following registry value:

    HKEY_LOCAL_MACHINE\SOFTWARE\HealthCast\ExactAccess\XAServerManager
ClientDSProgID: reg_sz = "XAPWENCShell.clsXAPWENCShell"

Possible Values:
**NTKMDSUser.clsNTKMDSUser** - prompt for user name and password
**XAPWENCShell.clsXAPWENCShell** - prompt for fingerprint biometric

    ClientDSProgIDAlt: reg_sz = "XAPWENCShell.clsXAPWENCShell"

    KioskPlugin: reg_sz = "IA.XA.Biometric"
    Was this article helpful?
    What's Next