Configuring Local Machine Logon

Getting Started

To configure trulyMEid’s Local Machine Logon multi-factor authentication (MFA) utility for Windows, you’ll need:

  • Admin access to the Windows computer
  • the trulyMEid Local Machine Login install package (contact support@trulyMEid.com for your download link)
  • your specific configuration from your trulyMEid support representative

Install

The Local Machine Logon utility is a self-contained executable. It does not need to be “installed,” and it does not require any additional support files.

Place the Local Machine Logon executable in a directory of your choice. To ensure that it runs at each user logon, add an entry under the HKLM\Software\Microsoft\Windows\CurrentVersion\Run key with the name “trulyMEid” and a value of the full path to the Local Machine Logon executable. (https://docs.microsoft.com/en-us/windows/win32/setupapi/run-and-runonce-registry-keys)

In a corporate environment, setting this entry across multiple domain-joined machines is best achieved via GPO.

Configure trulyMEid

By default, the trulyMEid Local Machine Logon utility is configured to use your “my trulyMEid ID” as a second factor for authentication after logon. To change this configuration to use your corporate ID, configure the following registry entries according to the values provided by your trulyMEid support representative.

Relying Party Identifier is what identifies your organization to trulyMEid. This value will be given to you by your trulyMEid support representative. (HKLM\SOFTWARE\trulyMEid\RelyingPartyIdentifier)

Private Key (Base 64) is a unique private key for your organization. This value will be given to you by your trulyMEid support representative. (HKLM\SOFTWARE\trulyMEid\RelyingPartyPrivateKeyBase64)

trulyMEid API URL is the base URL for the trulyMEid AD FS API. Unless otherwise specified by your trulyMEid support representative, this value should be “https://fast.trulyMEid.com” (without a trailing “/”). (HKLM\SOFTWARE\trulyMEid\trulyMEidBaseUrl)

trulyMEid API Endpoint is the API endpoint for the trulyMEid AD FS API. Unless otherwise specified by your trulyMEid support representative, this value should be “/api/ADFS/” (with a trailing “/”). (HKLM\SOFTWARE\trulyMEid\trulyMEidEndpoint)

trulyMEid Public Key is a unique public key for interactions between trulyMEid and your organization. This value will be given to you by your trulyMEid support representative. (HKLM\SOFTWARE\trulyMEid\trulyMEidPublicKeyBase64)

In a corporate environment, setting these entries across multiple domain-joined machines is best achieved via GPO.
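
A read-only audit of the entries described above, written in PowerShell as an added example (it is not trulyMEid’s own tooling). It assumes the corporate-ID configuration is in use; the trusted-SID list and the write-access check are assumptions of this example, not requirements stated by trulyMEid.

```powershell
# Added example: read-only audit of the registry entries this page describes.
# Assumes the corporate-ID configuration is intended; run from an elevated prompt.
$runKey   = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
$cfgKey   = 'HKLM:\SOFTWARE\trulyMEid'
$findings = [System.Collections.Generic.List[string]]::new()

# Run entry: must exist and name a file that is present (the page says the value is the full path).
$exe = (Get-ItemProperty -Path $runKey -Name 'trulyMEid' -ErrorAction SilentlyContinue).trulyMEid
if ($exe) { $exe = $exe.Trim('"') }
if (-not $exe) { $findings.Add('Run entry "trulyMEid" is missing') }
elseif (-not (Test-Path -LiteralPath $exe -PathType Leaf)) { $findings.Add("Run entry names a missing file: $exe") }

# Configuration values: all five present, in the shape the page specifies.
$cfg   = Get-ItemProperty -Path $cfgKey -ErrorAction SilentlyContinue
$names = 'RelyingPartyIdentifier', 'RelyingPartyPrivateKeyBase64', 'trulyMEidBaseUrl',
         'trulyMEidEndpoint', 'trulyMEidPublicKeyBase64'
foreach ($n in $names) {
    if ([string]::IsNullOrWhiteSpace($cfg.$n)) { $findings.Add("Missing value: $n") }
}
if ($cfg.trulyMEidBaseUrl -and $cfg.trulyMEidBaseUrl.EndsWith('/')) {
    $findings.Add('trulyMEidBaseUrl must not end with "/"')
}
if ($cfg.trulyMEidEndpoint -and -not $cfg.trulyMEidEndpoint.EndsWith('/')) {
    $findings.Add('trulyMEidEndpoint must end with "/"')
}
foreach ($n in ($names -like '*Base64')) {
    if ($cfg.$n) { try { [void][Convert]::FromBase64String($cfg.$n) } catch { $findings.Add("$n is not valid Base64") } }
}

# Write access: the executable runs at every user's logon and the key steers the MFA step,
# so this example expects only the SIDs below to hold write-type rights on either.
$trusted = 'S-1-5-18', 'S-1-5-32-544', 'S-1-3-0',  # SYSTEM, Administrators, CREATOR OWNER placeholder
           'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
$writeMask = 0x500D0006  # write/create, DELETE, WRITE_DAC, WRITE_OWNER, GENERIC_WRITE, GENERIC_ALL
$targets = @($cfgKey)
if ($exe) { $targets += $exe, (Split-Path -Parent $exe) }
foreach ($path in ($targets | Where-Object { Test-Path -LiteralPath $_ })) {
    $rules = (Get-Acl -LiteralPath $path).GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($r in $rules) {
        $rights = if ($r -is [System.Security.AccessControl.FileSystemAccessRule]) { $r.FileSystemRights } else { $r.RegistryRights }
        if ($r.AccessControlType -eq 'Allow' -and $r.IdentityReference.Value -notin $trusted -and ([int]$rights -band $writeMask)) {
            $findings.Add("$($r.IdentityReference.Value) can modify $path ($rights)")
        }
    }
}
if ($findings.Count) { $findings } else { 'No findings' }
```

The utility starts in each user’s own session, so standard users need read access to HKLM\SOFTWARE\trulyMEid; the audit therefore reports write-type rights only.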
