End-User Helper Applications
RCDevs security solutions are provided with some end-user helper applications (called WebApps) which are optional components in WebADM. These applications are part of your security infrastructure and in some circumstances may simplify a lot your help-desk processes by letting the users handle themselves most of the self-management tasks like Token enrollment or account / password management.
WebApps are generally companion portals for your RCDevs’ Web Service applications. For example, in some use-cases OpenOTP requires the end-users to enroll, test or resynchronize their Tokens.
For public use, WebApps can easilly be embedded inside your own Web site or deployed on the Internet with RCDevs WebADM Publishing Proxy Server.
This Web application is mostly designed for internal (corporate) use and includes several self-management features like:
- Manage account information such as email, mobile phone numbers, etc..
- Reset LDAP password according to a configurable password policy
- Enroll, re-synchronize and test a Software / Hardware Token or Yubikey
- Enroll the TiQR mobile appplication
- Manage own user certificates
This applications provide self-enrollment of Tokens, Yubikeys and TiQR via a one-time email or SMS request:
Via the Administrator Portal, the Manager RPC Interface or even a batch script, you can send a self-enrollment link to a set of single users or the members of a LDAP groups. The users receive a message containing a URL via email or SMS. Clicking the link provides a one-time access to the self-registration portal. Like in the Self-Service application, users can enroll and re-synchronize Tokens, enroll TiQR mobile and test login operations.
This application allows users to set a new password on their LDAP account when they lost their current password or if it expired. It uses the OpenOTP second login factor (SMS, Token or Yubikey) to authenticate the password reset operation. Alternatively, TiQR (QRCode login) and PKI access with user certificate can be used as authentication back-ends.
RCDevs Password Reset is compliant with any LDAP password including AD Domain passwords, UNIX passwords and even SAMBA accounts.
You can define password complexity policies or let the application obey the existing AD password policy. The password complexity configuration includes password size, type of characters, password blacklist and even dynamic complexity requirements per password length.