Skip to main content
Skip table of contents

Windows Components 3.7.3

This release introduces new features and improvements to the Credential Provider (CP) and Veridium Registration Authority (RA).
There are no backwards compatibility limitation, it can be used together with older VeridiumID Server versions.

Credential Provider (CP) 3.7.3 (Part of Server Release 3.7.2):

New features in CP 3.7.3 (part of 3.7.2 server release):

  • Delegation Support:

    • Introduced support for shared accounts, allowing authentication to be delegated to defined user groups.

    • Recommended configuration: Implement separate authentication journeys for shared accounts (e.g., "CP_Delegate") and standard user accounts.

    image-20250225-090648.png

    CP_Delegate Journey example with two authentication steps:

    image-20250225-091025.png

    QR Code Display Customization:

    • Control QR code placement on the main screen using the following registry key:

      • [HKEY_LOCAL_MACHINE\SOFTWARE\VeridiumID\VeridiumAD]

      • "EnableOrchestratorUserQROnList"=dword:00000001

    • Setting the key to 1 displays the QR code next to the user list.

    • Setting the key to 0 displays the QR code as a list item.

    image-20250225-092521.png

  • Passkey Support:

    • Enabled direct support for resident passkeys containing usernames.

    • Activate passkey functionality by enabling the "Passkey" option within the Selector start object.

    image-20250225-090823.png

Veridium Registration Authority (RA) 3.7.3:

  • Enhanced Certificate Request for KeyFactor EJBCA:

    • Added the 1.3.6.1.4.1.311.25.2 attribute with the ObjectSID value to certificate requests when using KeyFactor EJBCA.

    • This feature is enabled when the AddUserSIDToCertRequest key is set to true.

    • This Object Identifier (OID) enhancement strengthens certificate-based authentication by including the Security Identifier (SID) of the associated Windows account in the certificate.

    • This is in line with Microsoft's updates regarding strong certificate mapping.

    • Relevant Microsoft documentation: https://support.microsoft.com/en-au/topic/kb5014754-certificate-based-authentication-changes-on-windows-domain-controllers-ad2c23b0-15d8-4340-a468-4d4f3b188f16?utm_source=chatgpt.com

    • Please note that Microsoft plans to enforce strong certificate mapping on Active Directory Domain Controllers (DCs) starting with the February 11, 2025 security update.

    • A compatibility mode, that can be enabled by setting the StrongCertificateBindingEnforcement registry key to 1 on all DCs, is available until the September 10, 2025 security update.

Windows Credential Provider v.3.7.3 build 300: 

Filename

md5

Description

VeridiumADInstaller_x64_3.7.3.0-300.msi

f4d97414c6d8d7298854e5068bbfc0a3

Windows Credential Provider 64bit

VeridiumRAEP_x64_3.7.3.0-300.msi

1490da30afea1e897a1b59e7c4f2866b

RAEP GUI Installer

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close