View Source

If you included the Help Desk Verification Service in the installation of your DualShield server, then the following components with the same name "Help Desk Verification Service" will be automatically created in the MFA server:

Application
Realm
Agent
Logon Procedure

DualShield MFA Platform > Set up Help Desk Verification Service > image2023-8-11_0-6-52.png

To set up the Help Desk Verification Service, you only need to configure the realm and logon procedure that are used by the Help Desk Verification Service, and you also need to create a new logon policy for the Help Desk Verification Service.

Please follow the steps below:

Set up Realm

For the realm, you simply need to add the AD domain to the realm

DualShield MFA Platform > Set up Help Desk Verification Service > image2023-8-11_0-15-19.png

DualShield MFA Platform > Set up Help Desk Verification Service > image2023-8-11_0-16-6.png

Set up Logon Procedure

The logon procedure defines how users can be verified. You need to add logon steps and authentication methods

DualShield MFA Platform > Set up Help Desk Verification Service > image2023-8-11_0-20-37.png

Add any authentication method that can be used to verify a user's identity, e.g. One-Time Password.

DualShield MFA Platform > Set up Help Desk Verification Service > image2023-8-11_0-21-32.png

Create Logon Policy

The Help Desk Verification Service is used by the admin or helpdesk team to verify the identity of users. Therefore, you need to make sure that MFA is enabled on all users. The simplest and most reliable way of enabling MFA on all users is to create a dedicated logon policy for the Help Desk Verification Service application.

Create a new logon policy, and apply the new policy to the Help Desk Verification Service application. Also, select "Multi-factor authentication is required for all users"

DualShield MFA Platform > Set up Help Desk Verification Service > image2023-8-12_17-15-44.png