Saturday, November 11, 2017

Configuring Deepnet Security SafeID OATH Token with Microsoft Azure MFA Server

Related Blogs:
Configuring YubiKey / Yubico OATH Token with Microsoft Azure MFA Server -
Azure MFA with pGina and Local Authentication -
Azure MFA Server –Authentication Types (Part I) -
Azure MFA Server –Authentication Types (Part II) -
Microsoft Azure MFA on-premises server supports a time based OATH (OATH – TOTP) third party tokens.  This is an alternative to using the Azure Authenticator Mobile App as an OATH token.  You can see other MFA authentication options in my Azure MFA Server–Authentication Types (Part I) and Azure MFA Server–Authentication Types (Part II) blogs.  The OATH tokens can be added or imported prior to being associated with a user.  Administrators can associate users and tokens in the Multi-Factor Authentication Server  or the User Portal.  Users can associate themselves with an OATH token during User Portal enrollment or using the OATH Token menu option when the User Portal is configured to provide this functionality.    A bulk token import and configuration is also supported by MFA Server .  An administrator can import OATH Token records from an input  file .  The secret keys must be in Base32 format
This blog provides step-by-step instructions in configuring Deepnet SafeID OATH token with Microsoft Azure MFA server.  I am using DeepNet Security's SafeID Classic model for this testing.  You can review different token models and details on their website.  
The following are the pre-requirements to complete this configuration. 
  1. Microsoft Azure MFA on-premises server
  2. Deepnet SafeID hardware
  3. Secret Key for your DeepNet SafeID.  You will receive an email with Secret Key after the purchase. 
Review the following Azure MFA Server Authentication Types  blog if you are not familiar with authentication configuration in Azure MFA Server:
Azure MFA Server –Authentication Types (Part I) -
Azure MFA Server –Authentication Types (Part II) -
Azure MFA Server – Configuration for third Party OATH
First step in this process is to add third party OATH Tokens in Azure MFA Server. You can either add these tokens individually or perform a bulk import using an input file. 
To add an OATH token,
  1. Logon to your MFA application server.  Open Multi-Factor Authentication Server UI and Select OATH Token icon.
  2. Click Add option from OATH Token window.
  3. image_thumb23
  4. Enter your Secret Key token Details
    1. Serial Number – Required.  Enter the  serial number of your SafeID. This will be in the back of the Secret Keyas shown below or it will be the email you received from DeepNet. 
    2. image
    3. Secret Key – Required. This is the Secret Key (Base32).  You have to receive this information from DeepNet.    You will receive an email from Deepnet with Secret Key after the purchase
    4. Manufacturer – Optional.  Enter DeepNet Security as the manufacturer.
    5. Model – Optional.  Enter SafeID as model type. 
    6. Start date – Optional
    7. Expiration date – Optional
    8. Time interval – Required. Select 60 seconds. 
    9. Username:  Associate a user with this OATH token.  You can manually enter the username or Select Useroption to identify a user. 
    10. image
    11. Click OK to complete.  The Synchronize OATH Token dialog will prompt for the current OATH code to synchronize the OATH token and verify the configuration.
    12. image
    13. Enter the current code from DeepNet SafeID from the Synchronize OATH Token window to complete token configuration in MFA Server.  Click OK
    14. image
Note1: MFA server validates the OATH code against the OATH token secret key and synchronizes the OATH token's time if they are valid.  If there are not valid, you will see the following error message:
Note2: Azure Multi-Factor Authentication Server supports bulk import of token records by using an input CSV file.   The file must be in a supported format and may be partially or fully encrypted with a password. 
To perform a bulk import,
Note3: you may receive the following error message when you click on Import button. There is an update/hotfix for this issue. 
Unhandled exception has occurred in your application.  If you click Continue, the application will ignore this error and attempt to continue.  If you click Quit, the application will close immediately. 
Could not load file or assembly ‘PfPskcClr, Version=, Culture=neutral, PublicKey Token=null’ or one of its dependencies.  A strongly-named assembly is required.  (Exception from HRRESULT:0X8013100) 
Azure MFA Server – End User Validation Using DeepNet SafeID OATH Token
The final step in this process is to validate the DeepNet SafeID configuration and authentication experience from an end user perspective. 
To configure OATH token as the authentication type for an end user:
  1. From Multi-Factor Authentication Server UI, Select Users icon
  2. From right pane, open the user properties by double clicking the user object.
  3. This will open User Properties / Edit User  window as shown below.  Make sure that the OATH Token is selected as the authentication type for this test user. 
  4. image
  5. To validate this configuration, select out test user object and from the bottom of the window, select Test option.  
  6. image
  7. User will be prompted for first /primary authentication using a user name and password. Enter the User name and Password for the user, then click Test
  8. image
  9. Then it will prompt you for the secondary authentication.  In this scenario, it the OATH Code.image_thumb52
  10. Get the current OATH code from your DeepNet SafeID. 
  11. image
  12. Enter the current code in the OATH Code window in the MFA application .  Click OK
  13. image
  14. You will see the authentication status/result as shown below: 
  15. image_thumb49
Related Blogs:
Configuring YubiKey / Yubico OATH Token with Microsoft Azure MFA Server -
Azure MFA with pGina and Local Authentication -
Azure MFA Server –Authentication Types (Part I) -
Azure MFA Server –Authentication Types (Part II) -


I am sure that info how to write a cover letter might be quite useful for students. You can use it when you write your academic research if you need.

J'ai acheté une paire de chaussures Gucci pour mon petit ami dans cette boutique en ligne. gucci lunettes de soleil pas cherLa qualité est très bonne, le style des chaussures de sport est très similaire, il vaut vraiment la peine d'être acheté, il existe de nombreuses marques réputées de la marque Gucci, nous sommes convaincus qu'elle a une haute qualité et son apparence.

swiss replica watches, combining elegant style and cutting-edge technology, a variety of styles of replica Chopard watches, the pointer walks between your exclusive taste style.

Your readers may want to use our new web page that we created to assist SafeID integration with Office 365 and Azure;

Architectural science coursework writing help services have become very popular for students studying architectural science assignment writing services as they engage the best online Architectural Science Writing Services.

Really Nice Post Admin, Very helpful looking for more posts, Now I have to share some information about How To Fix “LexMark Troubleshooting Guide” problem. If you are going through this problem you can simply Lexmark Printer nummer belgie

That’s a nice article, thank you for a great article. It helped me a lot. Keep it up Must Visit Trend Micro helpdesk

Simple HP envy 5640 printer wifi instruction to connect the HP Envy5640 printer to the wireless network. Fix HP Envy 5640 Will Not Install Wireless issue.

The effectiveness of IEEE Project Domains depends very much on the situation in which they are applied. In order to further improve IEEE Final Year

Project Domains practices we need to explicitly describe and utilise our knowledge about software domains of software engineering Final Year Project

Domains for CSE
technologies. This paper suggests a modelling formalism for supporting systematic reuse of software engineering technologies

during planning of software projects and improvement programmes in Final Year Projects for CSE.

Software management seeks for decision support to identify technologies like JavaScript that meet best the goals and characteristics of a software

project or improvement programme. JavaScript Training in

Accessible experiences and repositories that effectively guide that technology selection are still lacking.

Aim of technology domain analysis is to describe the class of context situations (e.g., kinds of JavaScript software projects) in which a software

engineering technology JavaScript Training in Chennai can be applied successfully

The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing,

and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training

Thanks for your article.please write on Custom 200ml dropper bottle boxes design elements.

Nice Interesting blog. You are posts are just amazing and very creative. Keep on share it.

Hotschedules login
Content com android browser home

Independent Escorts in Mumbai ( Sneha Singh )
Our Mumbai escort young ladies are exceedingly requested for a sweetheart role-play. Fair since of their living benchmarks, well instruction, straight to the point & devious nature, etc. They moreover have a long time experienced in this industry, they never disappoint you with respect to their suggestive administrations. That’s where the part of our proficient Escorts comes in.
Check the link for more information:-
Bhandara escorts
Buldhana Escorts

Looking for Homework Help In The USA? I recommend that you should try our academic writing services which you will never regret trying, we offer writing services under all niches and streams within your budget.

Post a Comment

Popular Posts


Twitter Delicious Facebook Digg Stumbleupon Favorites More