Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry AtHoc
  3. 7.15
  4. Manage Users
  5. Manage user authentication
  6. Assign authentication methods to applications
  7. Desktop app

Desktop app

  1. In the navigation bar, click The Settings icon.
  2. In the
    Users
     section, click
    User Authentication
    .
  3. On the
    User Authentication
     screen, in the
    Assign Authentication Methods to Applications
     section, select one of the following authentication methods for the desktop app from the
    Authentication Method
     list:
    • LDAP Attribute
      : This option enables the desktop app to authenticate with a Microsoft Active Directory attribute that you provide in the
      Attribute
       field. The desktop app queries this attribute directly from the signed-in user's directory profile and sends it to the server. This option allows the desktop app to operate while sending less user information to the server. When this option is selected, the desktop app does not send Windows user names or domain names in sign on or check update query strings.
      This option requires desktop app version 6.2.x.271 or later.
    • Smart Card
      : This option enables smart card authentication.
      • From the
        Number of Certificates
         list, select the number of client certificates to collect. The recommended value is 3.
      • Optionally, in the 
        Regular Expression
         field, enter a regular expression in the following format:
        UID=(?<edipi>\d{8,10})
        . Contact
        BlackBerry AtHoc
         customer support to configure this field.
      • Optionally, in the
        Client Regular Expression
         field, enter a client regular expression in the following format:
        .*?(^)(?:(?!\s-[A||E||S]).)*
        . This format extracts information from the client certificate subject name to find the identical certificates for authentication. The regular expression provided in the UI is a sample expression that may not be suitable for your environment. You can build you own regular expression or contact
        BlackBerry AtHoc
         customer support to configure this field.
      • Optionally, select
        Create new user if an account is not found
         to configure the desktop app to create a user at sign on if the user does not already exist.
    • Defer to Self Service
      : This option requires users to sign in using a registration window determined by the authentication type configured for Self Service.
      • If the Self Service authentication method is set to Username and Password, the users sees a registration window and must provide their first name, last name, username, password, confirm their password, and fill in a captcha. The user has the option to register as a new user or to sign in with their existing user credentials.
      • If the Self Service authentication method is set to Smart Card, the user sees a CAC Certificate selection screen and must pick a certificate.
      • If the Self Service authentication method is set to Windows Authentication, the user sees a Windows credentials screen and must provide their username and password.
      • If the Self Service authentication method is set to Single Sign-On, the user is sent to a configured external URL for single sign-on.
    • Windows Authentication
      : This option configures the desktop app to use only the Windows username or to use both the Windows username and the domain.
  4. If LDAP Attribute, Smart Card, or Windows Authentication is selected, you can select
    Create new user if an account is not found
     to configure the desktop app to create a user at sign on if the user does not already exist.
  5. Click
    Save
    .