SafeNet Agents
SafeNet Synchronization Agent
- Install SafeNet Synchronization Agent
- LDAP synchronization server
- SafeNet Synchronization Agent for LDAP
- Configure for SQL
- Synchronization groups
- AD password synchronization
- Grant synchronization permission
- Transaction and synchronization details
- View the LDAP schema
- Aliases 3 and 4
- Configuration options
- Event notifications
- Browse the user source
- Start and stop SafeNet Synchronization Agent
- Backup or restore configurations
- SafeNet Synchronization Agent log files
- Synchronize users from Microsoft Entra ID
- SafeNet Synchronization Agent - Frequently Asked Questions
SafeNet Logging Agent
- Log event types
SafeNet Agent for FreeRADIUS
- Install SafeNet Agent for FreeRADIUS
- Download BSID and JWT Keys
- Install FreeRADIUS
- Upgrade FreeRADIUS
- Startup script
- Manual client updater
- Troubleshoot SafeNet Agent for FreeRADIUS
- Protected Extensible Authentication Protocol
SafeNet Agent for NPS
- Compatibility and Components
- NPS for RADIUS Clients
- SafeNet agent for NPS
- Install SafeNet Agent for NPS
- Uninstall SafeNet Agent for NPS
- Upgrade SafeNet Agent for NPS
- RADIUS return attributes
- Proxy server
- NPS settings
- NPS communication settings
- Authentication test
- NPS logging
- NPS localization
- PUSH notifications and NPS
- SafeNet Agent for NPS
SafeNet Agent for Windows Logon
- Installation and Configuration Overview
- System Requirements
- Windows Logon Agent - Authentication Methods
- Pre-installation
- Installing the agent
- Upgrading the agent
- Uninstalling the agent
- Deploying the agent via Group Policy Object
- Deploying the agent via Intune
- Deploying the agent via Microsoft Endpoint Configuration Manager
- Registry Settings
- Management
- Troubleshooting and Advanced Configurations
- Running the Solution
- Passwordless Windows Logon
- Pre-installation
- Customizing SafeNet Desktop Logon Application
SafeNet Agent for macOS Logon
- Pre-installation
- Installing, Configuring, Upgrading, and Uninstalling the agent
- Management
- Testing the Solution
SafeNet App Gateway
- System Requirements
- Security Recommendations
- Single Sign-On (SSO) Support for SafeNet App Gateway
- Pre-installation
- Generic Template for SafeNet App Gateway
- Oracle PeopleSoft
- Jenkins Application Configuration in SafeNet Trusted Access
- Deployment options
- Installing the Agent
- Configuring the Agent
- Upgrading and Uninstalling the Agent
- Plugin Model
- Troubleshooting
- Testing the Solution

System Requirements

Software Prerequisites	> Microsoft .NET 4.8 and above
Communication Protocols	> HTTPS • TLS 1.2 and above
Network Port	> TCP Port 443
Azure Support	> Azure AD* > Hybrid Azure AD
Operating Systems	> Windows 10 > Windows 11 > Windows Server 2016 > Windows Server 2019 > Windows Server 2022
Supported Authentication Methods	All tokens and authentication methods currently supported by STA.
Supported Tokens in Offline Authentication Mode	> Emergency Password > Static Password > Event-based tokens, for example, MobilePASS (in Quick Log mode) NOTE Only last used event-based token is supported. When using MobilePASS+, the Push OTP feature does not work, but standard One Time Password (OTP) authentication works.

The agent is compatible with the Microsoft native FDE tool, BitLocker.

* Limitations for Azure AD joined machines

The Exempt Local/Domain Administrator strong authentication does not work with pure Azure AD joined machines for domain admins. However, this feature works as expected for the local admins.
The Group Filter feature does not work with pure Azure AD joined machines for domain groups. However, this feature works as expected for the local groups.
Third-party federation services with Azure AD joined machines are not supported.

Supported Use Cases


Windows Logon Functions	Description	Supported by WLA?
Interactive	The security principal is logging on interactively.	Yes
Unlock	The logon is an attempt to unlock a workstation.	Yes
RemoteInteractive	A terminal server session that is both remote and interactive.	Yes
CachedInteractive	Attempt to use the cached credentials without going out across the network.	Yes
Network	The security principal is logging using a network.	No
Batch	The logon is for a batch process.	No
NetworkCleartext	The logon is a network logon with plaintext credentials.	No
NewCredentials	Allows the caller to clone its current token and specify new credentials for outbound connections. The new logon session has the same local identity but uses different credentials for other network connections.	No
Service	The logon is for a service account.	No

Suggest A Change

System Requirements

* Limitations for Azure AD joined machines

Supported Use Cases

On this page