Setting an AE Policy
A version of this page is also available for
4/8/2010
After installing an AE, you must set the AE policy that is used to verify the user. The subkeys AEFrequencyType and AEFrequencyValue in the HKEY_LOCAL_MACHINE\Comm\Security\LASSD\AE registry key are used to specify the desired settings. For more registry information, see LASS Registry Settings.
Note
Remember that registry settings can only take effect when your application calls LASSReloadConfig or when you reboot your device.
The subkey AEFrequencyType controls the type of frequency counter used for the AE. AEFrequencyValue depends on the value of AEFrequencyType. The following table shows the policy constants corresponding to AEFrequencyType.
| AEFrequencyType Named Constant | Description |
|---|---|
FT_Every_FV |
Use the AE_EVERYTIME event to authenticate the user every number of times specified by AEFrequencyValue. The policy registry settings for AE_EVERYTIME is AEFrequencyType = 0 and AEFrequencyValue=0. These settings cause every application call passing AE_EVERYTIME to authenticate. |
FT_Minutes_Since_Any_AE_Verified |
Authenticate the user if there hasn't been a successful call to VerifyUser for any AE in the last number of minutes specified by AEFrequencyValue. For example, if AEFrequencyType is 2 and AEFrequencyValue is 5, then the user will be authenticated if there has not been a successful call to VerifyUser for any AE in the last 5 minutes. |
FT_Minutes_Since_This_AE_Verified |
Authenticate the user if there hasn't been a successful call to VerifyUser for the specified AE in the last number of minutes specified by AEFrequencyValue. For example, if AEFrequencyType is 2 and AEFrequencyValue is 5, then the user will be authenticated if there has not been a successful call to VerifyUser for the specified AE in the last 5 minutes |