3. Configure Default settings, Resolvers and Realms¶
You can configure the default settings, resolvers and realms either using the Management Web UI on
or start the Management Client:
glinotpadm.py
You need to configure the management client so that the client knows were to reach the server. For configuring the server connection go to the menu Config → LinOTP Client Configuration.
There you need to enter the IP address assigned to your LinOTP Server. You may choose the protocol (HTTP or HTTPS), the server name and the port. After clicking OK the client will try to connect with this new settings and retrieve the token list and the user list. This configuration is stored in the users home directory in the file glinotpadm.cfg.
On the tab enrollment settings you can configure the behavior when enrolling SafeNet eToken NG-OTP.
The default Token name will be set, when an eToken NG-OTP is enrolled without assigning the token to a user. If the token is assigned during enrollment, the token name will be set to the loginname of the user. The OTP display duration specifies, how long the OTP value will be displayed on the eToken NG-OTP, when the token button is pressed.
On the tab enrollment settings you can configure the behavior when enrolling SafeNet eToken NG-OTP. The default Token name will be set, when an eToken NG-OTP is enrolled without assigning the token to a user. If the token is assigned during enrollment, the token name will be set to the loginname of the user.
The OTP display duration specifies, how long the OTP value will be displayed on the eToken NG-OTP, when the token button is pressed.
You may set a random user PIN and a random SO PIN [1] during enrollment. These PINs are stored in the database in an encrypted way for later use.
Another authentication method is using client certificates. The LinOTP server then needs to be reconfigured.
| [1] | Security Officer PIN. This PIN can be used to unlock the smartcard part of the token. |