Starting with IDERI note Release 3.3, messages can now also be received on mobile devices running Apple iOS/iPadOS or Google Android. Depending on your configuration, IDERI note messages can be received on such devices even outside of the internal company network. For this purpose we’ve developed new IDERI note components which we would like to introduce to you here.
New IDERI note components for mobile device support
The integration of IDERI note into an existing MS Active directory has always been (and still is) a big advantage of IDERI note, as this does not require maintenance of users in two different systems. Since we want to retain this advantage, we have been challenged with finding a way for a secure authentication and identification of AD users using this app.
So far, IDERI note has only employed the integrated authentication mechanisms of Windows, which are not available on mobile operating systems. As a consequence, a connectorion between the mobile app and the IDERI note server had to be created, the IDERI note gateway component.
The IDERI note gateway enables Active Directory users to authenticate themselves from within the mobile device app, so an IDERI note message destined for the AD user is not only displayed on the user’s Windows clients, but also on the user’s mobile devices.
The purpose of the IDERI note Gateway is to verify the user’s AD credentials against the AD user database only once. If the login is successful, the gateway will issue a certificate as a response to the client, which will authenticate the user in all subsequent communication of the app with the gateway. The connection between the mobile device and the gateway is completely encrypted with SSL/TLS (TLS 1.2 2048 bit RSA SHA256).
The gateway offers a wizard to guide you through the initial setup.
Client certificates issued by the gateway can subsequently be managed using another new component, the IDERI note Certificates MMC snap-in. The MMC snap-in can be loaded into the Microsoft Management Console (mmc.exe), which is an integrated component of Windows. Using this snap-in, certificates that have already been issued by the IDERI note gateway can be activated, moved into quarantine or deleted in order to restrict or allow client connections.
You can find more information on the new components in our updated online documentation.
The new IDERI note iOS/iPadOS and Android App