Endpoints are devices where the Advanced Authentication server authenticates. An endpoint can be a Windows workstation for Windows Client endpoint, or Advanced Authentication Access Manager appliance for the NAM endpoint and so on.
The endpoints are automatically added when you install a plug-in such as NAM or install Windows Client. The RADIUS endpoint, an OSP endpoint that is used for WebAuth authentication, and Endpoint41 and Endpoint42 are the predefined endpoints.
NOTE:Endpoint41 and Endpoint42 are created for the integration with legacy NAM and NCA plug-ins, which are used in NAM 4.2 and earlier versions with Advanced Authentication 5.1.
The NAM and NCA plug-ins work with the hard coded endpoint ID and secret. In Advanced Authentication 5.2 and later, you must register the endpoints. This breaks the backward compatibility with old plug-ins. These two legacy endpoints allow to keep the old plug-ins working.
To configure an endpoint for Advanced Authentication, perform the following steps:
In thesection, click against the endpoint you want to edit.
You can rename the endpoint, change its description or endpoint type.
Setto to enable the endpoint.
Setto if the endpoint is trusted. In some integrations such as Migration Tool, Password Filter, NAM, and NCA you must enable the option for their endpoints.
Specify an chain than the other users for authentication.if you have configured a specific chain to be used by the Endpoint owner only. This is a user account that must be able to use a different
The Endpoint Owner feature is supported for Windows Client, Mac OS Client, and Linux PAM Client only.
NOTE:Additional information such as, version, time and information are displayed. Also in RAM information is displayed.
Advanced Authentication Windows Client 5.6 or newer, Advanced Authentication Linux PAM Client 6.0 or newer, Advanced Authentication Mac OS X Client 6.0 or newer must be installed on the endpoint.
You can create an endpoint manually. This endpoint can be used for the third-party applications that do not create endpoints.
To create an endpoint manually, perform the following steps:
In thesection, click .
On thepage, specify a of the endpoint and its .
Set theto .
Setto if the endpoint is trusted.
Click. The window is displayed.
Take down the values specified inand and place them in a secure place in your application.
NOTE:You will not be able to get theand later on the appliance.
NOTE:are not supported for Endpoints.
IMPORTANT:You must ensure not to remove an endpoint that has at least one component running on it such as Windows Client, Logon Filter, RD Gateway plug-in, or ADFS plug-in. Endpoint is removed automatically when you uninstall Windows Client. However you must remove the endpoint manually when you uninstall Logon Filter, RD Gateway plug-in or ADFS plug-in.
If you remove an endpoint accidentally, ensure to remove the records with prefix %ProgramData%\NetIQ\Windows Client\config.properties file and re-start the machine. This recreates the endpoint.from the