There are two credentials databases / controllers to consider in the event that a machine is not connected to the network.
One is the Windows Active Directory domain controller. This may or may not be running on the same machine that the on-premise
GateKeeper Hub server software is installed on. This controller is in charge of the actual Windows usernames and passwords and has the final say in whether or not a user may log in to any particular machine. Windows caches this information locally on each client machine where it is used, and so you can log in to any client machine with your Windows username and password, as long as that credential has been used within the expiration window set in Active Directory.
The GateKeeper authentication sits on top of Windows Active Directory. GateKeeper encrypts and caches user credentials on local computers after each sync with the GateKeeper Hub server so that users can be authenticated through GateKeeper even when they're not on the network. This allows two-factor authentication (Factor 1: GateKeeper token's presence and Factor 2: the user's PIN) to login with Windows in accordance with NIST compliance standards.
However, while the computers are offline (they're not on the same network that the on-premise GateKeeper Hub is on), there are certain administrative tasks (such as updating your account information with new passwords, adding a new token, adding a new user, adding new credentials) that cannot be applied to the end user until they're back online (reconnected back to the same network that the Hub is on). Client-side logs will be cached until computer is reconnected to the server, at which point they will sync.
That being said, even if a GateKeeper user has a valid Windows credential registered, they may not be able to log in to a certain computer if that credential had not been used within the Active Directory expiration window AND the computer cannot reach the Active Directory server.
If you have any further questions, IT problems that need to be addressed, or compliance problems that need to be solved, please visit www.gkaccess.com or contact us at info@gkaccess.com or (240) 547-5446 to see how GateKeeper Enterprise can automate digital security for your end users and admins.
![GateKeeper_proximity_authentication_Enterprise_MFA_2FA_ScreenshotOfLockScreen_GateKeeper_proximity.png](/hc/article_attachments/360070426134/GateKeeper_proximity_authentication_Enterprise_MFA_2FA_ScreenshotOfLockScreen_GateKeeper_proximity.png)
-------------------------
How does GateKeeper authenticate Windows 7 and Windows 10 users when offline; How does GateKeeper authenticate Windows users when not on the network?; How does GateKeeper authenticate users when not on the network?; How does GateKeeper authenticate users when offline?; How does GateKeeper authenticate Windows 7 and Windows 10 users from a different network?; How does GateKeeper authenticate users from a different network?; How does GateKeeper authenticate users from home?; How does GateKeeper authenticate Windows 7 and Windows 10 users from another network?; How to authenticate users from a different network?; How does GateKeeper authenticate Windows 10 users from a different network?; How does GateKeeper authenticate Windows 7 users from a different network?; How does GateKeeper authenticate Windows 8 users from a different network?; How does GateKeeper authenticate users when not on the network?; How does GateKeeper authenticate users when not on network?;
Comments
0 comments
Please sign in to leave a comment.