Windows Desktop MFA - domain joined machines

Pre-requisites

Before installing the idemeum desktop client on domain joined machines, please make sure you perform the one-time configuration to set up Active Directory Certificate Services.

Please follow the guide below to configure certificate services.
Windows Desktop MFA - AD CS configuration
Active Directory Certificate Services (AD CS) is leveraged to perform Certificate Logon, i.e., Smart Card Logon, after completing MFA via the idemeum app for Windows Desktop Login. The configuration required at the Domain Controller (DC) is divided into three steps to use a Passwordless MFA logon. 1. Conf…

Install idemeum desktop app

  • Navigate to https://[your domain].idemeum.com/userportal
  • Click Accounts, then Add desktop app
  • Click Download idemeum for Windows to download the latest desktop installer
  • Run the downloaded installer on your Windows machine
  • If there are any requests to install dependencies, please do so
  • Click Next

  • Choose the installation location and then click Next

  • Click Install

  • Installation is now complete. Click Finish to start pairing your idemeum mobile application with this Windows machine.

Pair idemeum mobile application

  • Enter your company idemeum URL (for example coke.idemeum.com) and then click Next
  • Open your idemeum mobile application, click Login at the bottom menu, and scan the QR-code that is displayed on the screen.
  • Approve pairing with biometrics. Once pairing is approved, click Finish
  • Once pairing is complete, the new application with your computer name will be added to your application catalog on desktop as well as mobile.

How to share your desktop

For domain joined computers you can share your laptop / desktop with other employees.

  • Navigate to your idemeum application catalog
  • Click Accounts
  • Search for the computer name that you want to share
  • Click on ... and choose Share application
  • Choose the email address of a person you would like to share your computer with. Once sharing is done, the other person will be able to log in to your computer with Passwordless MFA.

Online login with QR-code

When your computer is connected to the Internet, you can simply log in to your machine by scanning an idemeum QR-code with the idemeum mobile app.

  • Access your computer. You will be presented with a QR-code.
  • Open idemeum mobile app, click Login and scan idemeum QR-code. Approve login with biometrics.
  • Now you're logged into your computer.

Offline login with one-time code

When your computer is offline and not connected to the Internet, we provide a convenient way to log in with a secure one-time code.

  • Access your computer, and since you are offline you will be presented with the username and one-time code screen
  • Open idemeum mobile application and in the list of applications find the computer that you want to log into
  • Click on ... and you will be presented with a one-time code that you can use to log in to Windows desktop
  • Enter your username and one-time code into the Windows login screen to access your computer