Group policy Screen

This screen is used to display and configure group policy information.

Group policy

  • 1. Add icon
    Button icon for adding a new group policy.

Group Policy List

Lists the registered group policies.

  • 2. Policy name
    Displays the name of the policy.

  • 3. Updated
    Displays the date when the policy information was updated.

  • 4. Edit icon
    Button icon for editing the name of a group policy.

  • 5. Delete icon
    Button icon for deleting a group policy.

Two-Factor Authentication Settings

Click the “Two-Factor Authentication Settings” tab to switch the display. This setting affects the PC with the client software installed.

logon Item

  • 6. Cache logon expiration
    Sets whether or not to allow logon when the PC is offline.

  • 7. Limited sign-in options
    This setting limits the sign-in option to FIDO Logon only when logging on to a PC, and prevents logging on using other methods.

  • 8. Logon to authenticator-less account
    Sets restrictions on logon for Windows accounts with unregistered authenticators.

    “Log on with password only for the first time and enforce authenticator registration” is available only in client tool version 3.1.0.1 or later. For earlier versions, it will be “Deny logon”.

  • 9. Authentication failure lockout
    This setting is to lock the PC according to the number of failed authentication attempts when logging on to the PC.

  • 10. Auto unlock
    This setting is to automatically unlock the device when authentication failure lockout is performed.

  • 11. Deny logon with a smartphone
    This setting prohibits the use of smartphones as authentication devices.

Software Item

  • 12. Credential management mode in the Setting tool
    Configure the authenticator registration and deletion operations that can be performed using the YubiOn FIDO Logon Configuration Tool.

  • 13. Screen lock when authenticator is removed
    Sets the behavior when the authenticator used for PC logon is removed.

  • 14. Uninstall control
    Change the display of YubiOn FIDO Logon in the list of “Apps and Features” in Windows Settings and configure the settings to control that end users cannot easily uninstall the client software.

Remote Desktop Item

  • 15. Override log-on timeout seconds
    Overrides the timeout seconds between connecting to the remote desktop and completing the logon; the default setting in Windows is 30 seconds.

  • 16. Reset button
    This button resets the changes to the state before the changes were made.

  • 17. Update button
    Click this button to confirm the changes.

Group policy

PC Settings

Click the “PC Settings” tab to switch the display. Lists the PCs to which the currently selected group policy is applied.

  • 1. Add icon
    Button icon for adding a PC to the currently selected group policy.

PC List

  • 2. PC name
    Displays the name of the PC.
  • 3. PC synced
    Displays the date and time when the target PC last retrieved the currently selected Group Policy setting.
  • 4. Status
    Displays the status of whether the target PC is getting the currently selected Group Policy settings.
  • 5. FIDO auth
    Displays the usage status of YubiOn FIDO Logon on the target PC.