The BioCert® Identity logon interface improves system
security through the use of multifactor user authentication and
improves user convenience by replacing multiple Windows logon
accounts with a single logon into BioCert® Identity.
To log on to the BioCert® Identity while logging on to the
computer or network, the use of the BioCert® Identity logon
interface dialog is required. You can choose this option in
BioCert® Identity settings by selecting Settings,
General tab, Use BioCert® Identity with
classic logon prompt setting.
The following topic sections provide additional information
about Windows Logon functions:
Windows Logon Overview
BioCert® Identity is used to log on to Windows on a local
computer or network. The BioCert® Identity logon interface
improves system security through the use of multifactor user
authentication and provides user convenience by replacing
multiple Windows logon accounts with a single logon through
BioCert® Identity.
When the user logs on with the BioCert® Identity logon
interface for the first time, the system automatically adds
the corresponding local Windows account as the user's
network account for BioCert® Identity's Windows Logon
service. Usually only the Windows password is available for
the very first logon to BioCert® Identity. As soon as the
user enters the Windows password into BioCert® Identity, the
user can register other types of credentials for any
supported authentication methods.
A user must register additional Windows user accounts
with BioCert® Identity before they are available as a
selection within the BioCert® Identity logon interface,
which then allows the user to select a specific local or
network user account at logon time from the list of
pre-registered accounts.
To register a new network account to the existing User
Identity, and then log on to domain or local Windows
account:
- Log on to BioCert® Identity using your local account
(for example, "A").
- In BioCert® Identity, select
My Identity.
- Select Add a Network Account. The
Add Network Account Wizard is displayed.
- In the User credentials screen,
type user name, domain name and password for your domain
account (for example, "DOMAIN\B").
- Log off from Windows.
- To log back on to Windows, log on to BioCert®
Identity with the user and domain name corresponding to
the user "B". BioCert® Identity automatically logs you
into User Identity that was initially created for the
user "A". Now you can share all the user data between
your two Windows accounts.
Note
The BioCert® Identity logon interface should be enabled to
provide Microsoft Windows logon functionality. To enable the
BioCert® Identity logon interface, select it during initial
product installation, or set this option later by selecting
the option Use BioCert® Identity to log on to
Windows , which is located in the General group of
settings.
Note
Depending on configuration, BioCert® Identity may allow to
bypass the BioCert® Identity logon interface and log on to
the system without logging into BioCert® Identity. To
bypass, in the BioCert® Logon Wizard, click More,
select Do not Log On to BioCert® Identity.
Then select a local computer or desired domain name in
Log on to list.
Adding a Network Account
BioCert® Identity provides a component to add Network
Accounts.
To add a network account:
- In BioCert® Identity, select
Services and Applications.
- In Windows Logon, select
Add a Network Account. The Add Network Account
Wizard is displayed.
- Follow the instructions on the screen. You will be
asked to enter your user name, domain, and password for
a network account.
Note
You may select Browse to navigate to
the desired network account.
- If you want BioCert® Identity to validate the user
credentials before saving them into User Identity,
select Validate network account when Next or
Finish button clicked.
- Click Finish to complete the
operation.
Note
A user must register additional Windows user accounts with
BioCert® Identity before they are available as a selection
within the BioCert® Identity logon interface, which then
allows the user to select a specific local or network user
account at logon time from the list of pre-registered
accounts.
Note
BioCert® Identity automatically logs you on to a default
Windows account. If no default user account is set up,
BioCert® Identity allows you to select the desired user
account at logon time from all registered user accounts.
Changing a Network Account
To change a network accounts:
- In BioCert® Identity, select
Services and Applications.
- In Windows Logon, select
Manage Network Accounts. A list of registered
network accounts is displayed.
- On the Microsoft Network Accounts
dialog box, you can add or remove accounts and set up
account properties by entering a user name, domain, and
password.
- If you want BioCert® Identity to validate the user
credentials before saving them into User Identity,
select Validate network account when Apply or OK
button clicked.
- Click OK to save the changes.
Deleting a Network Account
To delete a network account:
- In BioCert® Identity, select
Services and Applications.
- In Windows Logon, select
Manage Network Accounts. A list of registered
network accounts is displayed.
- On the Microsoft Network Accounts
dialog box, select the network account you wish to
delete, and then select Remove.
- Click OK to save the changes.
Windows Logon Settings
Configuring general logon settings
General logon settings include:
- Usage the BioCert® Identity to log on to Windows
- Logon Wizard settings
To configure the general logon settings:
- In BioCert® Identity, select
Settings.
- Select General tab.
- Configure the desired settings, and then click
OK to save the changes.
Configuring Windows Logon service
The following groups of Windows Logon service settings
may be specified:
- General Settings - Allow or deny adding and browsing
of network accounts.
- Path-through network logon - Allow or deny the
ability to log on to Windows with direct Windows
password authentication in case if BioCert® Identity
logon interface is selected. Despite on the installed
BioCert® Identity logon interface, the authentication
occurs in Windows operating system rather than in
BioCert® Identity.
- Permissions to view network account data
To configure Windows Logon service settings:
- In BioCert® Identity, select
Settings.
- Select Services and Applications
tab.
- In Select category drop-down list,
select the user category to which the settings to be
configured.
- In the list of services, select Windows
Logon and then click Properties.
The Windows Logon dialog box is
displayed.
- Configure the desired settings, and then click
OK to save the changes.
Windows Logon Troubleshooting
BioCert® Identity Logs You On to the Wrong Windows
Account
If BioCert® Identity does not log you into desired
Windows local or domain user account:
- In BioCert® Identity, select
Services and Applications.
- In Windows Logon, select
Manage Network Accounts.
- Verify that your desired network or local user
account is displayed in the network accounts list. If
the desired account is not in the list, select
Add, add the desired account as described in
Adding a Network Account topic section.
Note
BioCert® Identity automatically logs you on to the desired
Windows account.
Multifactor authentication prevents you from logging on
to Windows
BioCert® Identity uses multifactor authentication to
protect access to your private data. This may cause a
problem if you are not able to pass required user
authentication when you are logging on to Windows. You may
want to bypass the BioCert® Identity logon interface.
To bypass the BioCert® Identity logon interface:
- In BioCert® Logon Wizard, click
More, and then select Do not
Log On to BioCert® Identity.
- Select a local computer or desired domain name in
Log on to list.
View
Cart
