MSI Properties and Registry Settings
  • 27 Jun 2023
  • 4 Minutes to read
  • Contributors
  • Dark
    Light
  • PDF

MSI Properties and Registry Settings

  • Dark
    Light
  • PDF

Article summary

The MSI properties described in this article are for both Citrix® and Local Environments and can be modified to meet the organization's needs.

Citrix® Server

Parameter NameRegistry NameRegistry Keys AffectedValueSetting Description
TFA_ACTIVECONNECTORActiveConnectorHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\ TFA Settings\HCIE81Connect.cls81E2014Set this based on the version of Epic Hyperspace to interact with: Epic 2012 set to "HCIE79Connect.cls79E2012", Epic 2014 set to "HCIE81Connect.cls81E2014", and Epic 2015 set to "HCIE82Connect.cls82E2014".
TFA_AIE (Not used for 2018 and up) Note: This setting is only needed when installing on the Citrix server.N/AN/A0Set to 1 to install HealthCast "AppInit" DLL (hcinject.dll). This setting is needed to support Warp Drive configurations and Hyperspace login without configuring the Primary Authentication Device. Important: This can only be set using the MSI property at install. Setting this property to a value of 1 will add the following registry settings to windows to configure “hcinject.dll” as an “AppInit” DLL that will start “hciepicsessionmgr.exe” (Epic Session Manager) when Hyperspace is started. 64 Bit Windows: [HKEY_LOCAL_MACHINE\SOFTWARE\ Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="hcinject.dll" "LoadAppInit_DLLs"= dword:00000001 32 Bit Windows: [HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="hcinject.dll" "LoadAppInit_DLLs"= dword:00000001
TFA_EDMANAGERENABLED (Not used for 2018 and up)EDManagerEnabledHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA SettingsFalseIf the system has been configured to login without configuring a Hyperspace LWS record, the Epic Session Manager will delay waiting to determine if the Epic Authentication Plug-in will be loaded or not. To disable the wait, set this property to "True".
TFA_USEREMOTEUseRemoteSOFTWARE\HealthCast\hciepicsessionmgrFalseSet to “True” to configure TFA to get the current user context from the endpoint even if XA is installed locally.
TFA_HYPERSPACE_SECURESecureActiveHKEY_LOCAL_MACHINE\Software\ HeatlhCast\ExactAccess\TFA SettingsFalseIndicates the behavior of Hyperspace when a tap-out occurs -- if SecureActive is False (default) - Hyperspace will Log Off. If SecureActive is set to True - then Hyperspace will instead be secured for the current user on Tap Out.

Citrix Server - Logoff Cleanup

Parameter NameRegistry NameRegistry Keys AffectedValueSetting Description
TFA_LOGOFFCLEANUPCallLogoffCleanupOnEpicLogoffHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA SettingsFalseSet to “True” to configure the plugin to call Logoff Cleanup in the published Hyperspace session on the Citrix server when Hyperspace is logged out. This setting is only set on the Citrix Sever.
TFA_LOGOFFCLEANUP_SECCallLogoffCleanupOnEpicSecureHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA SettingsFalseSet to “True” to configure the plugin to call Logoff Cleanup when Hyperspace is secured. This setting is only set on the Citrix Sever.
TFA_LOGOFFCLEANUP_ONLOCKEnableCleanupOnLockHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA SettingsFalseSet to “True” to configure the plugin to call Logoff Cleanup when “DisableOnBeforeLock" set to "True". This setting is only set on the Citrix Sever.
TFA_VERTICAL_OFFSET_FOR_LOGIN_SCREENTFA_VERTICAL_OFFSET_FOR_LOGIN_SCREENHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA Settings160This setting defines how far down the Hyperspace window the authentication window should be placed.

Endpoint - Hyperspace Launching

Parameter NameRegistry NameRegistry Keys AffectedValueSetting Description
TFA_LAUNCHTYPELaunchTypeHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA Settings0Set to "1" to launch locally installed Hyperspace. Set to "2" to launch Hyperspace via Epic Warp Drive. Set to "3" to launch Hyperspace published using pubLauncher.exe. Set to “4” to launch Hyperspace published using pubLauncherSF.exe.
TFA_LOGOFF_XA_ON_EPIC_SECURE_LOGOUTLogoffXAOnEpicSecureLogoutHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA SettingsFalseSet to "True" to have ExactAccess client logoff when a user logs off the Hyperspace application and lock the ExactAccess client when a user secures the Hyperspace application.
TFA_DISABLE_ONBEFORELOCKDisableOnBeforeLockHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA SettingsFalseSet to "True" if you do NOT wish to notify the Epic Session Manager when the ExactAccess client is locked. Use this setting to prevent Secure or Logout of Hyperspace when locking the ExactAccess client.
TFA_ENABLE_ONBEFORELOCKTIMEOUTEnableOnBeforeLockTimeoutHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA SettingsFalseThis is used to trigger an event that indicates that OnBeforeLock event was triggered because of user inactivity. If this is the case, then the normal lock behavior is not followed, Hyperspace will not be secured or logged off, no action will be taken, and Hyperspace will remain in its current state.
TFA_ENABLE_ONBEFOREQUITUSEREnableOnBeforeQuitUserHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA SettingsTrueThis setting is enabled by default. This triggers an event to logoff of Hyperspace when a user interactively logs off XA. In standard mode this is triggered in a tap-over scenario, but also shuts down Hyperspace since it doesn’t allow more than one instance from the same workstation name. In Kiosk mode non-locking configurations this setting needs to be set to False.

Endpoint - Community Connect

Parameter NameRegistry NameRegistry Keys AffectedValueSetting Description
TFA_EPICUSERCIIDEpicUserCIIDHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\hciepicsessionmgrNot SetThis setting is used in configurations where a different username and password are needed then the domain user account used to login to XA. The setting need is an XA control ID configured for the additional credential. The control ID needed is retrieved when creating an application in the XA administrator.
TFA_EPICUSERCIID_CAPTIONEpicUserCIIDCaptionHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\hciepicsessionmgrNot SetThis setting is used in configurations where the Epic login requires a username and password other than the user account used to login to XA. Use this setting to change the caption displayed when prompting user for the username and password needed.
TFA_EPICUSERCIID_PROMPTEpicUserCIIDPromptHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\hciepicsessionmgrNot SetThis setting is used in configurations where a different username and password are needed when the domain user account is used to login to ExactAccess. Use this setting to change the prompt displayed when prompting the user for the username and password needed.

Endpoint - Secondary Authentication

Parameter NameRegistry NameRegistry Keys AffectedValueSetting Description
TFA_UITIMEOUTSECONDSUITimeoutSecondsHKEY_LOCAL_MACHINE\SOFTWARE\ HealthCast\ExactAccess\TFA Settings30This setting is the number of seconds the re-authentication prompt waits for a user to tap a badge. This setting doesn’t have an impact when the login device is prompting for login only when being called for verification or cosign verification. This setting is configured on the device where Hyperspace is installed.

Was this article helpful?