This error message appears when you perform a tap on the Evidian software login window.
The following image provides an example of the pop-up window:
Figure 1. This badge is not assigned. To assign it please type your username and password
Cause
By default the Evidian software allows users to perform self-enrollments of recognized NFC devices.
This issue can occur for one of the following reasons
- A non-Nymi device comes into close proximity of the NFC reader at a user
terminal. The Evidian software detects the device.Note: When the user provides their username and password and completes the badge assignment, users can tap the same device or a device with the same internal identifier on an NFC reader to complete authentication tasks with the identity of the user that completed the self-enrollment.
- A user taps an authenticated Nymi Band that was enrolled
in a different Nymi with Evidian datazone on the
NFC reader at a user terminal. The Evidian software detects the Nymi Band. Note: When the user provides their username and password and completes the badge assignment, users can use Nymi Band to complete authentication tasks with a Nymi Band tap in both datazones.
- A user performs a Nymi Band enrollment in the Nymi Band Application in the same Nymi
with Evidian datazone, but the enrollment did not occur in the Evidian EAM
database. For example, when the user performed the Nymi Band enrollment in the Nymi Band Application, but the NES
policy was not configured with the NES and Evidian
enrollment destination value. Note: When the user provides their username and password and completes the badge assignment, the user can use Nymi Band to complete authentication tasks with their identity.
Resolution
- Create the following registry key on all user terminals, including all
Citrix/RDP servers, to disable the Self Enrollment feature.
- Run regedit.exe
- Navigate to .
- Right-clickAuthentication, and then select .
-
In the Value Name field, type RFIDSelfEnrollAllowed. Leave the default Data value (0).The following figure provides an example of the RFIDSelfEnrollAllowed key.Figure 2. RFIDSelfEnrollAllowed Registry Key
- Close Registry Editor.Restart the Enterprise Access Management Security Service.
- Restart the Enterprise Access Management Security Service.
- Ensure that you configure the NES policy to perform
NES and Evidian enrollments.
- Connect to the NES Administrator Console.
- Edit the active policy.
- From the Enrollment Destination list, select NES and Evidian.
- Save the policy.
- Instruct the user to log into the Nymi Band Application while they wear their authenticated Nymi Band. Nymi Band Application completes the enrollment on the Evidian EAM Controller.
Comments
0 commentsPlease sign in to leave a comment.