Advanced Configuration Wizard

Any new installation of the Bomgar Verify Security Server requires the user to step through each tab within the Advanced Configuration Wizard. This is essential in order to finalize the install, to implement batch services, and to start the services. These actions can occur only after the user has clicked Continue on each tab. A warning appears on the screen if the user attempts to exit without completing everything within the wizard.

LDAP tab

LDAP Tab

Enter all details about the web server. The web server is the machine hosting and operating the Bomgar Verify Admin Graphical User Interface (GUI).

  1. Select the Directory Type: Microsoft Active Directory (AD), Novell eDirectory, Managed Users (Microsoft LDS), OpenLDAP, or Sun Directory Server.
  2. Enter the domain name for Primary Domain 1. Information entered for Primary Domain 1 should reflect the domain where the AD resides.
  3. Press Tab. Move the cursor into the Enter UserID field of the Search for DN section.
  4. Type the name of the account that manages the Bomgar Verify server.
  5. Click Get DN of UserID. This action automatically populates the DN account details, providing the user is logged on as the domain administrator for the domain.
  6. Click Example to see an example of the administrator DN as provided directly from AD.
  7. If correct, enter the password for the account.
  8. Enter the name(s) of the AD server(s).
  9. If SSL certificates have been deployed on the AD servers, LDAPs on port 636 can be used by checking the Use SSL box.
  10. Note: LDAPs generally require a fully qualified server name.
  11. After completing the required fields, test the connection to the server(s) by clicking Test Server 1 or Test Server 2.
  12. If OK is returned, click Continue. If OK is not returned, error messages display and must be rectified before continuing.

Note: LDAPS generally require the server name to be fully qualified. If "Use SSL" is selected, the server name MUST be the same name as set in the common name of the Directory's server certificate.

  1. If an additional domain is needed, click Add New Domain.
  2. Enter the LDAP settings for the new domain. The web server information does not need to be changed.

Note: The Net Bios Name is optional and needs to be sets only if the UserID log on uses the net bios name.

Note: If Use SSL is selected, the server name MUST be the same name as set in the common name of the Directory's server certificate.

  1. Once all information has been entered and a successful test completed, click Continue. A message displays in the wizard, confirming the batch services have been installed.
  2. Click Save and Continue.

Note: Any combination of Vendor LDAP servers is supported in any order. Each domain is configured with its own Bomgar Verify administration account for read and write permissions. Each Domain MUST share the same Bomgar Verify administration account, or secondary servers in the same domain will to batch master. This can cause the batch server to run many times and to send multiple passcodes within a single day.

eMail tab

eMail Tab

  1. Enter the IP address for the SMTP server in the Email Server Host field.
  2. Enter the Admin Email Address for the SMTP server.
  3. Check Authentication is required.
  4. Enter the necessary details needed for the SMTP server to require authentication.
  5. To support SMTP servers using TLS, check Use SSL (TLS).
  6. Send a test email by entering information into the Send Test Message To field.
  7. Click Test Email Server.
  8. If the test was successful, click Continue.

Note: Please ensure that the SMTP server has been setup to allow relays from the Bomgar Verify server.

 

IIS URLs tab

IIS URL TAB

The IIS URLs are viewed and maintained from this tab, and if the server supports HTTPS, the information can be configured here.

  1. Check This IIS Server Supports https.
  2. Enter the URL of the web server host.
  3. Check Advanced Settings - Manage External URLs.
  4. Enter URL information in the URL's section. These URL values are included in the system-generated emails sent to users.
  5. Click Save and Continue.

 

 

 

SMS/Voice Gateway tab and Multi-Gateway Support

SMS/Voice Gateway Tab

Multiple gateways can be configured and maintained via the SMS/Voice Gateway tab. It is possible to setup as many gateways as needed. Bomgar Verify supports various gateway types, like WebSMS, Voice, and Serial or TCP IP modems. The gateways can be configured based on priority and can easily be disabled using the wizard. The priority order of the gateways is controlled using Up and Down. The gateways can be restricted per country to allow the user more control over which service is used for certain countries. This is to help overcome difficulties sending SMS messages in countries that might not support advanced SMS features, such as flash messages and SMS overwrite.

Once the priority order set, the priorities can be tested by clicking Test Connection....

 

Web SMS Gateway tab

SMS/Voice Gateway Tab

  1. Select Add to install a Windows service that communicates with a web-based SMS gateway. An account is required to use any selected web SMS provider.
  2. Enter the UserID and Password information for the account.
  3. Click Proxies. Enter the proxy information, if needed.
  4. Once completed, click Test Connection. If the test is successful, a message appears indicating SMS Gateway responded OK.
  5. Enter dialing codes for countries that should serviced by this modem in the Restrict to country field. To restrict a modem to a certain domain, make a selection from the Restrict to domain.
  6. If errors appear, click the link in Click here to browse to gateway to manually check a web conection. If the web browser connection is responding, a Fail Auth should be returned. This message is returned because no account information was sent; however, it proves the SMS Gateway server can be reached and a response received.

Bomgar Verify can connect to many web-based SMS providers; however, a new template may be required.

 

Modem

Modem Gateway

  1. Select Add to install a Windows service that communicates with an SMS modem. The SMS modem is a serial GSM device attached directly to the Verify server's serial interface. This option allows a corporation to use its own SIM chip from their Telco and take advantage of any free or group SMS call rates.
  2. To configure the Phone Gateway, make sure the device is connected and powered on.
  3. The following are configurable options:
    1. Select a Connection: Choose whether the connection occurs via a Serial/USB or TCP/IP.
    2. Select a Serial Port: Select a serial port.
    3. Select Baud Rate: Select the appropriate baud rate.
    4. Send Simple Text: When enabled, this option allows SMS messages to be sent in simple mode. Use this feature if the Telco operator does not support message overwrite (PDU mode).
    5. Restrict to country: Enter dialing codes for countries that should be serviced by this modem.
    6. Restrict to domain: Select whether to restrict service to a certain domain.
  4. When complete, click OK. The test carries out an ATI and signal strength test. Version is shown as well as signal strength information.

Note: Signal strength is measured from 0-31. An acceptable figure is 16 or above.

 

Voice

Voice Gateway

A Voice gateway is configured similar to a web SMS

  1. Select Add to install a Windows service that communicates with a web-based Voice Gateway.
  2. Enter the UserID and Password account information. This is provided by the web voice provider.
  3. Click Proxies. Enter th proxy information, if needed.
  4. Once completed, click Test Connection. If the test is successful, a message appears indicating Gateway responded OK.
  5. Enter dialling codes for countries that should be serviced by this modem in the Restrict to country field. To restrict a modem to a certain domain, make a selection from Restrict to domain.

 

Mail SMS

Mail Gateway

  1. To allow a third-party facility to have the ability to send SMS messages via a SMTP server, configure a gateway and include it in the prioritized list of gateways.
  2. Select Add.
  3. Complete the Address Format field, which should be similar to #MOBILENUMBER#@atyourprovider.com.
  4. If the Telco provider allows modifications to the Subject Format and Body Format fields, modify these as well.
  5. Enter dialling codes for countries that should be serviced by this modem in the Restrict to country field. To restrict a modem to a certain domain, make a selection from Restrict to domain.

 

 

Push

Gateway Push

The following push notification gateway service connections can be tested from the Push tab by clicking Test Connection:

  • ApplePushService
  • GoogleCloudMessaging
  • MicrosoftPushService

The test connection returns a status, and a trace is displayed if desired.

 

 

 

Proxy for Web Services

Proxies

If the organization requires the use of a proxy server, click Proxies.

 

Proxy Settings

Enter the proxy settings.

Once the properties for the proxy server are saved, the user can select the proxy when configuring individual gateways for web services.

Note: To configure proxies for multiple gateways, proxies must be enabled individually for each gateway.

 

 

 

RADIUS Tab

RADIUS Server Configuration

By default, Bomgar Verify uses RADIUS port 1812. If this port is already in use, the user can change this setting. Once Update is selected, the RADIUS batch service starts.

IMPORTANT

For new installations, it is important to know that the Advanced Configuration Wizard is not allowed to close until all tabs have been updated. This is to ensure the batch services start with the correct information.