Posted: 11/3/2009, Updated: 2/11/2014
In the Console there are settings that allow users to auto-save encrypted .idf results files to the local or network storage locations. In order to configure the auto-save, encrypted password hashes are required to be input into the Console policy settings. Specifically, the settings affected are:
To obtain an encrypted password hash, follow these steps:
- Launch the Identity Finder client on any Windows system. Note: If the client is connected to the console and the SaveKey setting is defined in a System Policy applied to the endpoint, this process will fail and must be performed on a different endpoint.
- Create or log into an Identity Finder profile. It is necessary to use a profile to ensure that the necessary values will be written to the registry. When the Guest profile is used, the registry will not be updated.
- Open the Settings dialog by clicking on the application icon (icon of a dog's head in the upper left hand corner of the main window of the application) and choose the Settings button.
- Select the Scheduling page.
- Check the Schedule a search checkbox.
- Check the Automatically save results securely with a password checkbox, and for the File Location put in C:\temp.idf
- In the Enter Password and Confirm Password boxes enter the password you wish to use.
- Click OK to save your settings and close the Settings dialog.
- A dialog box will come up to schedule a task with the Windows operating system. The dialog requires a valid Windows account and credentials. By default the currently logged on Windows username will be in the Enter User Name field. For the Enter Password and Confirm Password dialogs put in your Windows password associated with the provided Windows user account. Once the credentials are entered, click OK.
- Minimize the Identity Finder Client and open up regedit (Start -> Run, type regedit and hit enter or click OK).
- In regedit navigate to the following key: HKEY_CURRENT_USER\Software\Identity Finder\Client\Settings\ScheduledTask
- Double click on the SaveKey value name on the right and in the Value data field, copy out the text.
- Open up and log in to the Console and navigate to Policy Management -> [Policy Name] -> Settings -> Settings -> ScheduledTask -> SaveKey
- Double click on the SaveKey and paste the value from step 12 into the data field, then click OK.
- The Console Policy now contains the same password you typed into the Identity Finder Client settings dialog.
- Close regedit by hitting Cancel on the SaveKey edit dialog, then choose the menu File -> Exit.
- Open up the Settings dialog in the Identity Finder Client and navigate to the Scheduling page, uncheck the Schedule Identity Finder checkbox and click OK to save settings.
- Exit the Identity Finder Client by clicking the X in the upper right hand corner of the main window.
The steps above can be repeated for the SaveKey2 value as well.