The Imprivata Credential Provider

This topic describes how to override log in and locking of workstations with the Imprivata credential provider and use the Windows credential provider instead, and how to turn off this override and revert to the Imprivata credential provider. By default Windows workstation access is managed by the Imprivata credential provider:

  • When the Imprivata enterprise has an Authentication Management or Single Sign-On license, and

  • The computers are included in any Imprivata computer policy, and

  • The computers have the Imprivata agent installed.

However, you may want to use the Windows credential provider for some computers in your enterprise: Your enterprise has merged with another enterprise that uses Imprivata software, but is not licensed for Authentication Management or Single Sign-On.

Imprivata OneSign allows you to manage what credential provider is used by turning off the Imprivata credential provider by computer policy.

Configure Workstations to Use the Windows Credential Provider

When this section is complete, desktop access to these workstations will not be administered by Imprivata. Your user database (Microsoft Active Directory, for example) will authenticate your users for desktop access. Imprivata can still be configured to authenticate other workflows at these workstations, such as order signing with Imprivata Confirm ID.

  1. In the Imprivata Admin Console, go to ComputersComputer Policies.

  2. Select a computer policy where the Windows credential provider must be used.

  3. On the General tab > Desktop experience section, select Override log in and locking of the Windows workstation.

  4. Select Use Windows credential provider.

  5. Click Save.

Configure Workstations to Use the Imprivata Credential Provider

If you have configured the Windows credential provider for some computers in your enterprise (as described above), you can later restore the use of the Imprivata credential provider: for example, you are expanding your enterprise's use of Authentication Management or Single Sign-On. If you add an Authentication Management or Single Sign-On license to your enterprise, you must also turn off this override.

When this section is complete, desktop access to these workstations will be administered by Imprivata:

  1. In the Imprivata Admin Console, go to ComputersComputer Policies.
  2. Select a computer policy where the Imprivata credential provider must be used.
  3. Go to the General tab > Desktop experience section.  If the Windows credential provider is in use, Override log in and locking of the Windows workstation is selected here.
  4. Uncheck Override log in and locking of the Windows workstation.
  5. Click Save.

NOTE: If you need turn on the Imprivata credential provider to enable Imprivata ID for Windows access, see Imprivata ID for Windows Access.