Quest for BlackBerry Administration Guide What is the Quest

Quest® Soft Token for BlackBerry
Administration Guide
What is the Quest® Soft Token for BlackBerry?
The Quest Soft Token for BlackBerry token software is available from the BlackBerry App World or can
be installed using BlackBerry Desktop Software or by using the provided JAD file.
The Token can be programmed as either a synchronous OATH compliant token or as an asynchronous or
challenge/response token using Defender SNK, AES or 3DES encryption.
The picture above shows an example of the Quest Soft Token for BlackBerry displayed on a
BlackBerry Device. The token response ‘50764373’ is used as the One Time Password (OTP) when
prompted to authenticate.
About this Guide
This guide provides instructions for administrators, when using Defender as the authentication server.
Quest Soft Token for BlackBerry Administration Guide
Defender Administrators
Programming a Quest Soft Token
for BlackBerry
Defender Pre-requisites
When using Defender as the authentication server for the BlackBerry the following software versions are
required:
•
Defender Administration Console – 5.3.0.412 or later
•
Defender Security Server – 5.3.0.470 or later.
These are available from Quest SupportLink at http://support.quest.com.
How to Program the Quest Soft Token
for BlackBerry
The Quest Soft Token for BlackBerry is programmed in the same way as Defender Desktop Tokens. The
following example describes how to program a Quest Soft Token for BlackBerry for an individual user.
1. Using Active Directory Users & Computers (ADUC), open the Properties dialog for the required
user and select the Defender tab.
2
Quest Soft Token for BlackBerry Administration Guide
2. Select Program to start the Token Programming Wizard.
3. Click Next to display the Token Types dialog.
4. Select Defender Desktop Token.
5. Click Next. The Defender Desktop Token Types dialog is displayed.
3
Quest Soft Token for BlackBerry Administration Guide
6. Select Blackberry.
7. Select Enable time limited token activation if required. This feature sets a time period in which a
token must be activated. Select Next.
8. Select which Token Mode you require, select Next.
9. Click Next. The Checking User License dialog is displayed.
4
Quest Soft Token for BlackBerry Administration Guide
10. Click Next to program the token and display the Save Activation Codes dialog.
In the example shown below, the Quest Soft Token for BlackBerry activation code for this user is
saved to a file and the file is saved to the current desktop. An email is also sent to the user
containing there activation code. These options can be changed as required.
11. Click Next. The Defender Token Programming Complete dialog is displayed.
12. Click Finish.
5
Quest Soft Token for BlackBerry Administration Guide
13. The Quest Soft Token for BlackBerry has now been created and assigned to the user’s account and is
displayed in the Token Management section of the username Properties - Defender tab as
shown below.
The activation code for this token is contained in the text file created in step 10 or may be sent in an
email to the user. An example is shown below.
Send the activation code to the user – please refer to the Defender 5.7 Quest® Soft Token for BlackBerry
User Guide for details on activating and using the Quest Soft Token for BlackBerry.
6
Quest Soft Token for BlackBerry Administration Guide
Distributing the Quest Soft Token
for BlackBerry using the JAD File
Defender versions 5.6 and later support the use of a JAD file for the distribution of the Quest Soft Token
for Blackberry. The JAD file, QuestSoftToken.jad, is included on the installation CD in the
Tokens\BlackBerry Token folder. Both the JAD and COD files are required for web based deployment.
The following sections describe how to configure IIS 6 and IIS7 to deploy the BlackBerry JAD file, and
provide an example web page.
IIS 6
1. Open IIS Manager and right-click the required web site.
2. Select Properties.
3. Select HTTP Headers.
4. Select MIME Types.
5. Add the following two new MIME types:
Extension
Jad
Cod
MIME Type
text/vnd.sun.j2me.app-descriptor
application/vnd.rim.cod
6. Copy the DefenderBlackBerryToken4.jad and DefenderBlackBerryToken4.cod files to your
web site. The files should be located in the same directory on the installation CD, in the
Tokens\BlackBerry Token\For devices running OS 4.1 and above.
7
Quest Soft Token for BlackBerry Administration Guide
7. Create or modify an existing web page to link to the DefenderBlackBerryToken4.jad file. A
simple example is provided:
<html>
<head><title>Quest Soft Token for Blackberry - Download</title></head>
<body>
<a href="QuestSoftToken.jad">Download Software</a> </body>
</html>
8. Restart the web site for the changes to take effect.
IIS 7
1. Open ISS Manager and select the required web site.
2. Select MIME Types and Open Feature.
3. Select Add and add the following two MIME types:
Extension
Jad
Cod
MIME Type
text/vnd.sun.j2me.app-descriptor
application/vnd.rim.cod
4. Copy the DefenderBlackBerryToken4.jad and DefenderBlackBerryToken4.cod files to your
web site. The files should be located in the same directory on the installation CD, in the
Tokens\BlackBerry Token\For devices running OS 4.1 and above.
5. Create or modify an existing web page to link to the DefenderBlackBerryToken4.jad file. (See
the previous example).
6. Restart the web site for the changes to take effect.
Refer to the Defender 5.7 Quest® Soft Token for BlackBerry User Guide for information on how to install
the Quest Soft Token for BlackBerry using the configured web page.
© 2012 Quest Software, Inc. ALL RIGHTS RESERVED.
Quest, Quest Software, the Quest Software logo and Defender are trademarks and registered trademarks of Quest
Software, Inc. in the United States of America and other countries. Other trademarks and registered trademarks are
property of their respective owners.
8