Question(s):
There are many ways I can get my users to authenticate to EveryonePrint HCP, but what are the easiest ways to configure this?
Answer(s):
EveryonePrint HCP has several configuration options for Azure AD compatibility.
The below table should assist with understanding which is the best configuration for your clients.
This is not an exhaustive list, and other configurations will still function correctly.
|
Windows Log In Method |
MFA |
HCP Portal |
PC Client |
Card Registration |
|
Local / BYOD |
No |
Username / Password |
Custom Login |
Username / Password |
|
Yes |
SAML V2 – Prompt for Password |
OpenID Connect |
Username / One Time Password |
|
|
Azure AD |
No |
SAML V2 - SSO Username / Password |
UPN Custom Login |
Username / Password |
|
Yes |
SAML V2 - SSO |
UPN OAuth2 |
Username / One Time Password |
Notes:
- You must configure HCP with the correct Authentication Provider:
- UPN & Custom Login are compatible with Azure AD Authentication.
- OAuth2 is only compatible with Client Authentication.
- Azure AD Log In to Windows should give back the UPN of the logged-on user.
- On Windows 10 this can be via Windows Hello or Username / Password
- To ensure UPN is correct, run command prompt and run
whoami -upn
- SAML V2 / Single Sign-On configuration in the HCP Portal automatically signs in users if they are logged in solely to their corporate O365 account on that Computer.
- OAuth 2 allows MFA at the PC Client.
- If Client authentication (OAuth2) is configured, users cannot use username and password at the MFD.
- Card, ShortID or OTP must be used. Users must be logged in at the PC Client with a valid token.
- One Time Password trigger within HCP Portal needs to be activated and Messaging configured.
- Users get OTP on first print.
Comments
0 comments
Article is closed for comments.