Windows Credential Provider Best Practices Follow
When onboarding a new client, care should be taken to not go too fast to make sure things are working correctly before making the Evo Credential Provider the sole credential provider on a machine. If the settings are wrong, a user/client could be locked out of their computer.
Steps to Follow
- Install the Evo Credential Provider
- DO NOT select the feature “Evo Login Provider”
- ensure the Environment URL is prefixed with
- ensure an access token is filled if authentication mode is
Secret Keycan be blank if installing over a previous installation was
- Immediately after installation
- DO NOT logoff — stay logged into the same session
- Start Evo Settings Editor
- Verify that the user can successfully connect with a Windows username
- Do not move on until successfully connecting. If you cannot connect, verify that the Environment URL and Evo Directory are correct. You can change the settings in the same Evo Settings Editor
- Lock the current session and then try to unlock using the Evo Security login tile. (Other tiles should be available at this point). Make sure you can unlock.
- If you are convinced all settings are correct. Then in the Evo Settings Editor select the
Evo Login Onlycheckbox and click the
- If you want to save the settings in a JSON file for another installation, start an elevated PowerShell session and run the command
"C:\\Program Files\\EvoSecurity\\EvoSecureLogin\\EvoCredProSettings.ps1" -generateWith the command, you can either dump it to the screen or re-direct it to a file.
- You can then use the JSON file to install the CredPro on all computers in the domain using the Evo Installation Script (or using ConnectWise RMM)
Script - https://download.evosecurity.com/release/installers/evoinstall-latest.zip
Please sign in to leave a comment.