If the administrator creates multiple event categories, you can enroll multiple authenticators of the same type. During enrollment, you are required to select an appropriate category according to the administrator’s guidance. Later, during authentication to the Windows workstation, you might get a prompt to select a category where you must choose one of the categories. For some methods, the category selection prompt is not displayed. However, Advanced Authentication selects an appropriate authenticator automatically.
Thomas, an administrator, has performed the following steps to allow users to enroll the Card and Smartphone methods with multiple devices:
Created CAT1 category in addition to the default category in the Event Categories policy.
Created a chain with the Card and Smartphone methods.
Set All Categories to ON (default) in the Windows Logon event and map the chain to the event.
Paul, an end user, has two cards and two mobile phones (Android and iOS) with NetIQ Auth app installed on both. He enrolls each card and phone to a category. He logs in to the Self Service portal and performs the following actions:
Enrolls the following methods to the default category:
Smartphone method: Android phone
Card method: Card 1
Enrolls the following methods to the CAT1 category:
Smartphone method: iOS phone
Card method: Card 2
After enrollment, Paul selects the chain with Card and Smartphone methods. He can authenticate to the Windows workstation by performing one of the following actions:
Tap Card 1. Select default from the category selection prompt and then accept the push notification on android phone.
Tap Card 1. Select CAT1 from the category selection prompt and then accept the push notification on iOS phone.
Tap Card 2. Select default from the category selection prompt and then accept the push notification on android phone.
Tap Card 2. Select CAT1 from the category selection prompt and then accept the push notification on iOS phone.