UniOTP Server Control Tool

From SecuTech Wiki


About this tool

UniOTP Server Control is a desktop tool used to configure and manage the UniOTP authentication service. With this tool, you can check and control the status of the service, and view and change its configuration.

Launch the tool

  • Double-click the UniOTPSCRControl desktop shortcut to launch the service control program.
  • Launch the service control program through Start Menu - Programs - UniOTPSCRControl.

Function Introduction

Service status control

After the program is started, the interface of the service status will appear.

  • ServiceName: name of service
  • DisplayName: the display name of service
  • Description: the description information of the service
  • Executeable File Path: the absolute path of the executable program corresponding to the service
  • StartType: the start type of the service. It can be set to automatic, manual or disabled
  • Service Status: the current status of the service

After the service configuration has been changed, the Apply button becomes available. Click Apply to apply the new configuration. Click Start or Stop to start or stop the service.

OTPServer control settings

Database configuration

Click on the Settings tab to get into more service configuration interfaces, such as the database configuration interface, as displayed in the following picture.

  • DSN: the information used to configure the data source
  • Database Source Name: select the suitable database source
  • Description: description of the database source
  • DataBase Type: the type of database

The Connection Parameters section is used to configure the database connection parameters.

  • User: the username used to connect to the database
  • Password: the database login password corresponding to the user

After configuring all parameters, click the Test Connection button to test the connection.

OTPServer database configuration panel

Note: If running the server on a 64-bit machine, use C:\Windows\SysWOW64\odbcad32.exe and a 32-bit connector.

If all the information is valid, the connection will succeed, as shown in the following picture.


If the information is incorrect, the connection will fail, as shown in the following picture.

connection to database failed

Authentication service configuration

Click on the Server Setting tab to switch to the service configuration interface, as displayed in the following picture. The Server Information column contains the network and performance settings of the service.

  • Port (Radius Server): the port number of the authentication service, following the Radius authentication protocol. The default port is 1812.
  • Request Interval: the period of time between requests
  • Max idle time: the maximum idle time of an authentication thread
  • Max Threads Num: the maximum number of worker threads.

OTPServer authentication service configuration panel

Login and authentication parameters configuration

Select the Options tab to access the login and authentication parameters configuration.

The Authentication Option column contains:

  • Authentication Wnd: authentication window, the default value is 30 (for safety reasons the window should not be set too big)
  • Key Length: the length of user secret keys (please change this value carefully)
  • Max Failed-Try: the maximum number of failed attempts
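
Why the window should stay small, as an added example that is not UniOTP code: it assumes event-based HOTP tokens (RFC 4226), six-digit codes and a lockout after Max Failed-Try failures, none of which this page specifies. The function names are hypothetical.

```python
# Added example: HOTP (RFC 4226) verification with a look-ahead window.
# Assumption: event-based OATH tokens and 6-digit codes; the page does not
# state which algorithm or unit "Authentication Wnd" uses.
import hashlib
import hmac
import struct

DIGITS = 6


def hotp(key: bytes, counter: int, digits: int = DIGITS) -> str:
    """Return the RFC 4226 HOTP value for one counter."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify(key: bytes, server_counter: int, submitted: str, window: int):
    """Accept a code matching any counter in [server_counter, +window].

    Returns the next server counter on success, or None on failure.
    """
    for c in range(server_counter, server_counter + window + 1):
        if hmac.compare_digest(hotp(key, c), submitted):
            return c + 1                         # move past the used code
    return None


def guess_success_bound(window: int, max_failed_try: int,
                        digits: int = DIGITS) -> float:
    """Upper bound on an online guesser's success before lockout.

    Each guess can match up to window + 1 valid codes out of 10**digits.
    """
    per_guess = (window + 1) / 10 ** digits
    return min(1.0, per_guess * max_failed_try)


if __name__ == "__main__":
    key = b"12345678901234567890"                # RFC 4226 Appendix D test key
    code_9 = "520489"                            # RFC 4226 test vector, counter 9
    print(verify(key, 0, code_9, window=30))     # 10: counter 9 is in the window
    print(verify(key, 0, code_9, window=5))      # None: counter 9 is outside it
    for w in (5, 30, 1000):                      # bound grows linearly with window
        print(w, guess_success_bound(w, max_failed_try=5))
```

The bound grows linearly with both settings, so a larger window should be paired with a lower Max Failed-Try value.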

The Log Options column contains:

  • Log Mode: log mode (store the log in log file or database)
  • Log Condition: the condition of log generation
  • Log File Size: the maximum log file size when you choose to store a log in log file

OTPServer login and authentication configuration panel

The configuration of the shared secret key for the authentication service and clients

Click on the Share tab to enter the shared secret key configuration interface. In this panel, configure the shared secret key of each authentication client (application server), and enable or disable each client.

OTPServer client and blacklist

In the Client List, IP address shows the currently authorized authentication clients, and shared Key displays the shared secret key between the service and that authentication client. Click the Add button to add a new authentication client, then enter the new client's IP address and shared key. After adding the new authentication client, click Apply to save and apply the changes.

add client to client list

Click on Delete button to delete an authentication client. After clicking on delete, the selected client will be deleted. During the delete operation, a confirmation dialogue will pop up (after confirming the delete operation, the client configuration file will be deleted).

'delete client ADDRESS?' message

If no client is selected, the following message will appear.

'no client is selected' message

Click on the Edit button to modify the configuration of the selected client. The client's IP address will not be modified, and only the shared key can be changed. For example, if the client (IP address 127.0.0.1) is selected, after clicking on Edit, a dialogue window will pop up. Enter the new shared key in the dialogue window, and then the Apply button will become available. Click Apply to enable all the new configurations.

edit client IP address and shared key

Click the Add Black button to add an authentication client to the blacklist. Clients in the blacklist cannot request authentication, but the authentication system keeps the related shared key information, so the authentication function can be recovered by removing the client from the blacklist.

In the blacklist, IP address displays the IP addresses of all authentication clients added to the blacklist, and shared key displays the shared key between each client and the authentication service.

Click Delete to delete an authentication client from the blacklist. After the user confirms the delete operation, the client will be permanently deleted from the system. Click Remove to remove the client from the blacklist and recover its authentication. After executing the remove operation, click Apply to apply the changes. After clicking Apply, the following dialogue will appear.

'update configuration successful' message

Email parameters configuration

Click on the Mail tab to enter the email configuration interface. This panel contains the email server settings.

OTPServer email configuration panel

Use the Use Email Service check box to decide whether to use the email reminder function. If the email reminder function is used, the SMTP server must be configured.

  • SMTP Server: the SMTP server name or IP address
  • SMTP Port: SMTP server Port (the default port is 25)
  • Mail Subject: the mail subject sent by the system
  • Email From: the sender address displayed to email recipients
  • SMTP Server authentication: select if the email server needs authentication
  • User Name: the username used for SMTP authentication.
  • Password: the password corresponding to the username.

After finishing the configuration, click Apply to apply it.


Exit the tool

Clicking the close button in the interface does not exit the tool; it only minimizes it to the tray. Right-click the icon in the tray, and click Exit to close the program, as shown in the following picture.

clicking exit on the tray icon to close the program