13.7 Custom Messages

In this policy, you can customize the error messages, method message and prompt message of a specific language.

For example, you can customize the default logon error message in English to Your login failed. In the Self-Service portal, when the user specifies wrong user name, the customized error message is displayed.

To customize the messages, perform the following tasks:

NOTE:The customized messages are cached in the Advanced Authentication server. The refresh interval for custom messages is one hour. Therefore, when you customize a message or upload a custom localization file, the respective message is displayed on the corresponding Advanced Authentication portals and clients after an hour.

You can also perform the following tasks in the Custom Messages policy:

13.7.1 Customizing Messages in the Custom Localization File

To customize preferred messages using the Custom localization file, perform the following steps:

  1. Click Custom Messages.

  2. Perform one of the following action to download the custom localization file on your local drive:

    • Click Download original to save the custom_messages.tar.gz file that contains the default messages.

    • If you have customized the messages, click Download current messages to save the current_custom_messages.tar.gz file that contains the latest messages.

  3. Extract the files from the custom_messages.tar.gz file.

  4. Navigate to the preferred language folder.

    To customize English messages, use the custom_messages.pot file and for other languages use the custom_messages.po file.

  5. Open the custom_messages.pot file in the text format.

  6. Specify the message in the msgstr "".

  7. Save the changes.

  8. Compress the custom_messages folder to .tar.gz or .zip format.

  9. Click Browse and select the compressed custom_messages file from the local drive.

  10. Click Upload.

13.7.2 Customizing a Specific Message on the Portal

To customize a specific message on the portal, perform the following steps:

  1. Click Custom Messages.

  2. Use the Message filter to search for a specific message or you can find the preferred message manually.

  3. Use the Message Group to search a specific message by group. Options available are All, Method messages, Error messages, and Other messages.

  4. Click the Edit icon next to the preferred message. You can also double-click on the message to edit the content.

  5. Specify the message in the preferred language.

  6. Click Save.

13.7.3 Customizing Authentication Request Message For Smartphone Method

You can customize the authentication request message that is displayed on the NetIQ Auth app when user initiates Smartphone authentication. The authentication can be either to the endpoint or to the Advanced Authentication portals.

To customize the message for smartphone method, perform the following steps:

  1. Click Custom Messages.

  2. Search for one of the following keys:

    • method.smartphone.authentication_hint to edit the request message specific to endpoint authentication.

    • method.smartphone.authentication_hint_no_endpoint to edit the request message for any authentication that does not use endpoint such as Advanced Authentication portals login.

  3. Click for the preferred key.

  4. Specify any of the following parameters in the preferred language message as per your requirement:

    • {user} to fetch the user name.

    • {client_ip} to fetch the client IP address.

    • {event} to fetch the event name.

    • {tenant} to fetch the tenant name.

    • {endpoint} to fetch the endpoint name.

  5. Click Save.

NOTE:The customized authentication request message will reflect on the NetIQ smartphone app after an approximate delay of one hour.

For example, to customize the endpoint specific authentication message for the smartphone method you must search the key method.smartphone.authentication_hint and specify the message {user} requested for authentication request from the client {client_ip} for the {event} to access the {endpoint} in the field corresponding to English language. When the user tries to authenticate to Windows Client using the smartphone method then the customized message is displayed on the NetIQ smartphone app as:

Bob requested for authentication request from the client 10.3.10.5 for the Windows logon to access the Windows-machine-589.

13.7.4 Customizing Prompt Messages of the Authentication Methods for RADIUS Event

You can customize prompt messages of the authentication methods that are configured for the RADIUS event. The customized prompt messages are displayed when a user initiates authentication to the RADIUS event using the configured methods.

To customize prompt message, perform the following steps:

  1. Click Custom Messages.

  2. Use the Message filter to search for a specific prompt message or you can find the preferred message manually.

    For example, specify radius.totp.prompt to search the prompt message displayed on RADIUS client for the TOTP method.

  3. Click the Edit icon or double-click on the preferred message to edit the content.

  4. Specify the message in the preferred language on the Edit Customer Message page.

  5. Click Save.

For example, consider Thomas, an administrator, wants to customize the default prompt message of the Voice OTP method that is configured for the RADIUS event. Thomas must first search the key radius.voice_otp.prompt and modify the message to Specify the OTP that you heard from the voice call in the text box corresponding to English.

When Mark, an end user tries to authenticate to RADIUS event using the Voice OTP method, the customized prompt message is displayed.

13.7.5 Customizing the Messages for Clients

You can customize the error messages, method message and prompt message specific to any authentication method that is displayed on endpoints such as Windows, Linux PAM, and Mac OS Clients.

To customize the message for clients, perform the following steps:

  1. Copy the aucore.custom.zip custom localization file from one of the following path based on the Client:

    • Windows: C:\Program Files\NetIQ\Windows Client\locale\

    • Linux PAM: /opt/pam_aucore/locale/

    • Mac OS X: Library/Security/SecurityAgentPlugins/aucore_login.bundle/Contents/Resources/aucore/locale

  2. Navigate to Policies > Custom Messages in the Administration portal.

  3. Click Choose file and select the custom localization file.

  4. Click Upload.

    NOTE:You can find the messages specific to the Clients with the prefix client. in the Key.

  5. Search a specific message using the Message filter or find the preferred message manually.

    For example, specify client.method.smartcard.waiting_for_card to search the prompt message displayed for the Card method on all clients.

  6. Click Edit next to the preferred message. You can also double-click on the message to edit the content.

  7. Specify the message in the preferred language.

  8. (Conditional) If you want to change the font size, color, and font family of custom message, insert the message within the HTML tag:

    <font size="3" color="red" face="Arial"><b>Message to Display</b></font>

    For example, to customize the font size, font color and bold the Caps lock message in English language on all clients, search the key client.method.password.caps_lock and specify the following HTML tag in English:

    <font size="5" color="blue" face="Arial"><b>Caps Lock in ON!</b></font>

    NOTE:The supported HTML tags to customize messages are as follows:

    • <font size=”x” color=”text_color” face=”font-family”> </font>: To set the font size, color and font-family.

    • <b> </b>: To make the text bold.

    • <i> </i>: To make the text italic.

  9. Click Save.

NOTE:The customized messages reflect on the respective Clients after an approximate delay of one hour. However, after the first online log in to the Client, users can view the customized messages.

For example, consider Thomas, an administrator wants to customize the default method message (Enter one-time password) of the TOTP method that for all clients. Thomas must first search the key client.method.totp.password and modify the default message to Specify the OTP that is displayed on Token or App in the text box corresponding to English language.

When Mark, an end user tries to authenticate to Linux PAM Client using the TOTP method, the customized method message is displayed.

13.7.6 Localizing the Web UI and Messages

To localize the messages and web UI to an unsupported language, perform the following steps.

  1. Click Custom Messages.

  2. In Custom locales, click Download Template to save the bundle-en.tar.gz file that contains the default messages.

  3. Extract the files from the bundle-en.tar file.

  4. Navigate to the extracted folder.

    To localize core messages, use the AuCore file and to localize the web UI elements, use webui file.

  5. Open the AuCore or webui file in the text format.

  6. Specify the preferred language message in the msgstr "".

    For example, if you need to localize password will expire in $(days) days message to Latin, specify in password erit exspirare $ (dies) dierum in msgstr "" as in the following image.

  7. Save the changes.

  8. Compress the bundle-<language name> folder to.tar.gz or.zip format.

  9. In Custom locales, click to add the template file.

  10. Select the preferred language name in Locale.

  11. Click Choose File and select the compressed bundle-<language>.tar.gz file from the local drive.

  12. Click Upload.