We have added a number of new functionalities to the Axidian CertiFlow software since the last release. The brand new features include the introduction of the “Dashboard” section and the support of certificate issuance for the Windows registry and Windows Hello for Business. The existing functionality has also been improved. For example, now you can track smart card certificates not only at the time of their issue but also after an update. Read more about all the changes below.
Dashboard
This new section displays the summary information regarding the Axidian CertiFlow status. The following sub-sections can be accessed:
- The total number of licenses as well as the number of active licenses.
- The number of registered, pending and active Agents together with the status of the tasks assigned to them.
- The number of smart cards according to their status in the system, the status of their contents and certificates, and whether or not they require updating due to users switching the policy or changing the certificate template set in the current policy.
- The status of service certificates to be integrated with the certificate authorities.
- The Axidian CertiFlow user status.
Adding RSA certificates to the Windows registry
A new Registry smart card type was introduced in addition to physical and virtual smart cards. Similarly to smart cards based on Trusted Platform Module 2.0, the Registry card type is linked to the end user’s workstation. The Self-Service functionality allows the users to request and add certificates to the local machine and/or current user certificate stores using their own credentials.
Support for Windows Hello for Business devices
Another new type of supported devices is smart cards based on Windows Hello for Business. A Windows Hello for Business configuration manager can be accessed through the Axidian CertiFlow Self-Service functionality to create a smart card and set a PIN. In addition to the user authentication certificate issued automatically at the time of WHfB smart card creation, Axidian CertiFlow also enables the users to add any other certificate to the same container. For instance, an email signing certificate.
Requesting and adding additional certificates to the existing Windows Hello for Business container.
Status-based user search in the Axidian CertiFlow database
The previous versions of the Axidian CertiFlow allowed user search only in the Active Directory. Now we have also added status-based search in the Axidian CertiFlow database. The Axidian CertiFlow administrators and operators now can much more easily identify locked users (those who exceeded the maximum number of security question answer attempts) or users that failed to set the answers to the security questions.
Batch device addition from a file using the Management Console web interface
Large batches of new devices can now be easily added to the system. All you have to do is download a file with a list of serial numbers (available from the equipment manufacturer or the supplier) and specify the administrator PIN that must be associated with these devices. The supported file extensions are .txt и .csv.
Other changes in Version 6.2
- All supported third-party certificates can now be tracked and printed out in case of device updates (also using an agent), provided that this option is enabled in the device usage policy.
- Specific products are added for eTokenProJava72K и IDPrime (Gemalto) device types.
- Support for YubiKey 5 Series devices.
- Optimized Active Directory performance when accessing user attributes.
- The sAMAccountName attribute has been added to the Active Directory attributes. New functionality has been added to assign user roles using the sAMAccountName attribute and to use this attribute when conducting an advanced search of the user directory.