Configuration file reference
The user verification module provides the ability to customize its behaviour and appearance using the SharePoint web.config configuration file.
The SharePoint web.config file must have the <lithnetUserVerification> configuration section added to it in order to configure the module.
In the <configSections> element, the following line needs to be added:
<section name="lithnetUserVerification" type="Lithnet.ResourceManagement.UI.UserVerification.AppConfigurationSection, Lithnet.ResourceManagement.UI.UserVerification"/>
The following section can then be added in the body of the web.config file:
<lithnetUserVerification
smsServiceProviderDll="%ProgramFiles%\Microsoft Forefront Identity Manager\2010\Service\SmsServiceProvider.dll"
phoneNumberAttributeName="msidmOneTimePasswordMobilePhone"
searchAttributeName="ObjectID"
displayAttributes="DisplayName,AccountName,Domain,msidmOneTimePasswordMobilePhone"
smsCodeLength="6"
showNullAttributes="false"
authorizationSet="Administrators"/>
smsServiceProviderDll
This value specifies the location of the SMSServiceProvider.dll file used to send SMS messages. If not specified, the default value of "%ProgramFiles%\Microsoft Forefront Identity Manager\2010\Service\SmsServiceProvider.dll" is used. This will only work if the FIM portal and FIM service are installed on the same host, as this is the location that the FIM service requires the DLL to be in. In all other cases, the path to the DLL must be specified. Any dependent DLLs must be located in the same folder as SmsServiceProvider.dll, or registered in the GAC.
phoneNumberAttributeName
This attribute specifies the system name of the attribute containing the user's phone number. If not specified, it defaults to the built-in one-time password mobile phone attribute.
searchAttributeName
This is the name of the attribute passed in using the id URL parameter from the RCDC. By default this is ObjectID, and we recommend not changing this value.
displayAttributes
A comma-separated list of attribute system names to display in the user interface. By default, Display Name, Account Name, Domain, and One-Time Password Mobile Phone appear. Additional attributes can be added that will allow the help desk operator to verify the user using other information if a one-time password phone number is not present.
smsCodeLength
Specifies the number of digits in the SMS code. By default, this will be 6. A maximum of 9 digits can be specified.
showNullAttributes
Indicates that the module should display the values of all attributes listed in displayAttributes. By default, any attributes that are null are ignored and not rendered in the UI.
authorizationSet
Specifies the name or resource ID of a set containing the users that are allowed to use the tool. This value is null by default. When this parameter is not provided, anyone with existing permissions allowing them to read the attribute specified by the phoneNumberAttributeName parameter can use the tool.
Note that if an authorization set is used, those members must also be granted read permission to the attribute specified in the phoneNumberAttributeName parameter.
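A review script for these settings, as an added example that is not part of the module or the original page: it parses a web.config and reports the conditions described above (missing section declaration, no authorizationSet, smsCodeLength outside the documented maximum, changed searchAttributeName, defaulted DLL path). The finding names, the lower bound of 1 digit and the "below default" warning are assumptions of this example, and the sample configuration is constructed.

```python
import xml.etree.ElementTree as ET

SECTION = "lithnetUserVerification"

# Constructed sample: section declared, but no authorizationSet and a 4-digit code.
SAMPLE = """<configuration>
  <configSections>
    <section name="lithnetUserVerification" type="Lithnet.ResourceManagement.UI.UserVerification.AppConfigurationSection, Lithnet.ResourceManagement.UI.UserVerification"/>
  </configSections>
  <lithnetUserVerification smsCodeLength="4" searchAttributeName="ObjectID"/>
</configuration>"""

def audit_user_verification(web_config_xml):
    """Return a list of finding names (this example's own labels) for the module's settings."""
    root = ET.fromstring(web_config_xml)
    findings = []
    # The section has to be declared under <configSections> before it can be used.
    cs = root.find("configSections")
    declared = cs is not None and any(s.get("name") == SECTION for s in cs.iter("section"))
    if not declared:
        findings.append("section-not-declared")
    element = root.find(SECTION)
    if element is None:
        return findings + ["section-missing"]
    # Without authorizationSet, anyone who can read the phone attribute can use the tool.
    if not (element.get("authorizationSet") or "").strip():
        findings.append("no-authorization-set")
    # Default is 6 and the documented maximum is 9; the minimum of 1 is an assumption.
    raw = element.get("smsCodeLength", "6")
    if not raw.isdecimal() or not 1 <= int(raw) <= 9:
        findings.append("sms-code-length-invalid")
    elif int(raw) < 6:  # policy of this example, not a rule of the module
        findings.append("sms-code-length-below-default")
    # The page recommends leaving searchAttributeName at ObjectID.
    if element.get("searchAttributeName", "ObjectID") != "ObjectID":
        findings.append("search-attribute-changed")
    # The default DLL path only works when the portal and service share a host.
    if element.get("smsServiceProviderDll") is None:
        findings.append("sms-dll-path-defaulted")
    return findings

if __name__ == "__main__":
    print(audit_user_verification(SAMPLE))
```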