Authenticating with Evidian Authentication Manager

You can connect to Citrix, RDP and VMware Horizon roaming sessions using RFID badges with Evidian Authentication Manager (AuthMgr). Custom commands are supported as well.

Prerequisites

  • IGEL Universal Desktop Linux 5.06.100 or newer on the thin client.
  • An installed and running Evidian SSO Controller.
  • When using HTTPS (IGEL Linux 5.07.100 or newer), the User Access Server's CA root certificate saved locally on the thin client.
  • The thin client and the server(s) have to be part of the same Active Directory domain.
  • A supported RFID reader (e.g. OMNIKEY 5022 CL, OMNIKEY 5421), connected to the thin client
  • RFID badges that are already enrolled.

Configuring an Evidian Authentication Manager Session

  1. Go to Sessions > Evidian AuthMgr > Evidian AuthMgr Sessions in the thin client setup.
  2. Add a new session.
  3. Go to Sessions > Evidian AuthMgr > Evidian AuthMgr Sessions > [Session Name] > Connection.
  4. Enter the User Access Service URL including protocol, name or IP address and port number ([protocol]://[host]:[port]/soap).
  5. Enter the Roaming Session Secret.
  6. When using HTTPS, select the User Access Server's CA root certificate on the thin client as CA certificate.
  7. Select the desired Session Type in Options.
    This will make Evidian Authentication Manager use the first configured session of its type, e.g. RDP. Make sure that a session is configured.

    If you choose Custom commands you need to supply the commands. You can find further options in the IGEL Universal Desktop Linux manual.

  8. Start the new session by clicking on its icon in the Start Menu. Alternatively, reboot the thin client. In the default autostart setting the Evidian Authentication Manager for your session will start automatically and wait for an RFID badge to be placed on the reader.

    You can only start a single instance of an Evidian Authentication Manager session.

Configuring Citrix/RDP/VMware Horizon Sessions

Configure the session that you want to use with Evidian Authentication Manager as the first session of its kind. Related Configurations provide shortcuts to these settings.

Using a Custom Configuration File

Instead of using the settings provided by IGEL setup you can enable a Custom configuration file under Options. Then all the other session settings will be ignored. You find a commented template for the configuration file at /etc/rsUserAuth/rsUserAuth.ini.

Logging in with Evidian Authentication Manager

  1. Place your RFID badge on the RFID reader (or tap the reader with it, if you configured Tapping Mode)
  2. Your Citrix/RDP/VMware Horizon session will open if an active roaming session for your user already exists. If it does not, you will be presented with a password prompt for the user's Active Directory password.
  3. Remove your RFID badge (or tap the reader again) to disconnect from the session.
Last update: June 28, 2018