Yubico Forum ...visit our web-store at 2010-04-15T15:04:43+01:00 https://forum.yubico.com/feed.php?f=4&t=519 2010-04-15T15:04:43+01:00 2010-04-15T15:04:43+01:00 https://forum.yubico.com/viewtopic.php?t=519&p=2164#p2164 <![CDATA[Re: Windows Terminal Servers]]>
The YubiKey is a write only device i.e. information can only be written to YubiKey and can not be read from it. Hence it is not possible to determine automatically (by reading the information stored in the YubiKey) if the YubiKey belongs to a particular user or not. Users need to provide YubiKey OTP at the time of authentication so that the username to YubiKey mapping can be verified.

AuthLite software provides YubiKey based two factor authentication for Windows Logon based on YubiKey OTP and user's Windows domain credentials. AuthLite also provides centralized management of the YubiKeys. However, we are not sure if it provides YubiKey based authentication for remote terminal access. Please contact AuthLite support for more information about their product.

Statistics: Posted by samir — Thu Apr 15, 2010 3:04 pm

]]> 2010-04-15T12:49:31+01:00 2010-04-15T12:49:31+01:00 https://forum.yubico.com/viewtopic.php?t=519&p=2162#p2162 <![CDATA[Windows Terminal Servers]]>
I was wondering if someone might be able to help me with this.

I would like a piece of software to run on my terminal servers that only allows log in if the Yubikey (which is assosciated to an individiual user) is plugged in and the user enters their Windows domain password correctly.

I do not want an extra PIN for users to remember. I want each Yubikey to be assosciated with an individual user. I do not want the user's password stored on the Yubikey, just an identifier to say 'this is user1'.

I would also like some software to centrally manage the Yubikeys to assign user IDs to the keys and to disable them if needed.

Is this possible? What software do I need?

Regards


James

Statistics: Posted by jamesb — Thu Apr 15, 2010 12:49 pm

]]>