This article provides the details for configuring the SDO Workstation Authentication App and installing it on Windows-based workstations.
Authentication Installer Download
Download the latest version of the Octopus Desk Installer using the link below. The archive file contains an MSIUpdater client for configuring the Authentication app, as well as the app executable for 32-bit and 64-bit versions of Windows. Upon downloading the file, we recommend extracting it to a convenient location on the workstation.
Configuring the Octopus Authentication Installer
- In the Control Panel, click on My Services from the left-hand menu.
- Click on the Secret Double Octopus vendor band to expand it.
- Under the expanded vendor band, click on the Services tab.
- Click on the Edit button for Workstations.
- Click the Service Metadata tab.
- Click the Download XML File button. Save the XML file to the same location where you saved the Octopus For Mac Configuration and Installer files.
- Install the Odesk MSIUpdater on the system on which you will be building the MSI installer.
- Once the install has completed, it will automatically launch the Octopus MSIUpdater software
- In the Target File section, click the Browse button and select the Odesk For Windows 64bit.msi OR Odesk For Windows 32bit.msi depending on your version of Windows.
- Beneath the Parameters section, click Load from XML, and browse to the XML file that you downloaded in Step 6.
- Select the Authenticator used by your organization from the Authenticators list. Most organizations will use the Octopus App.
- Click Next
- In the Settings page, select the following options:
Default Credential Provider
Use Last User Name
Local User Support (if you are not using External AD Authentication through SDO)
- Click Next
- The MFA screen allows you to use Octopus Authentication in MFA mode. When enabled, users will need to enter their passwords AND authorize the login with the Authenticator app. Check the Enable Multi-Factor Authentication (MFA) box to enable MFA mode, or leave it unchecked to use password-less authentication.
- Click Next
- OPTIONAL To use your own custom logo on the workstation login screen, click the Browse button beneath Organization Logo and browse to a bmp file of your custom logo image.
- Click Next.
- In the SysTray page, select whether to show the Odesk SysTray icon. At the bottom of the tab, enter a value for the frequency at which the system tray checks if the user is connected and if the password is still valid. If your organization has a password expiration policy, this is useful to ensure a user is logged out of their workstation session after their password has expired, requiring them to re-authenticate the workstation session. Values range from 0 (to disable the check) to 43200 (every 30 days).
- Click Next.
- In the CredUI tab, select the scenarios in which an MFA prompt will not be required. For any scenario where the Bypass option has not been selected, the Authenticator prompt will be presented. If a Bypass is selected, the traditional Windows username/password prompt will be presented.
- Click Next.
- Click Apply. Please note that the errors shown on this page are normal and expected, as the MSI Updater will test a number of settings and scenarios that do not apply for the Authentication app.
- The updated MSI file will be saved in the same directory that contains the msi installer that was selected as the target file. The file is automatically date and time stamped with the creation information.
The Octopus Application Installer is now ready to install on your workstations. You can rename this file as desired, and distribute it to your workstations via a shared network drive, USB flash drive, or any other file transfer method.
Installing the Authentication App on Workstations
The Octopus Authentication Installer requires an update to the Microsoft Visual C++ 2015 Redistributable. If it has not already been installed on your workstation, it can be downloaded from Microsoft using the following link. Please ensure the update is installed on any Windows-based workstations that will authenticate with SDO prior to running the Octopus Authentication installer.
To install the Octopus Authentication app on a workstation, use the following steps:
- Right-click the Windows Start Menu button.
- Click Windows PowerShell (Admin)
- In the PowerShell window, navigate to the location of the Octopus Authentication installer.
- Enter the name of the installer file and hit Enter to launch the installer.
Note: To run an executable in the Powershell window, you must include .\ before the executable file name. You can generally type .\ plus the first few letters of the installer file, and then hit the Tab key on your keyboard to auto-fill the rest of the filename. We recommend moving the newly built msi installer file to a separate directory before trying to run it in Powershell to make this process easier.
- Complete the installation of the Octopus Authentication app using the wizard.
- Once the installation is complete, we recommend rebooting the workstation.
The workstation is now set up to allow authentication via SDO. When accessing the workstation, users will see the following Login screen:
Users should enter their local username in the "User Name" field. This field should also match the Alias that was entered in the Workstation Users tab of the Control Panel. Users should enter their Control Panel/SDO username (typically their email address) in the "Account" field.