- 13 Dec 2024
- 4 Minutes to read
- Print
- DarkLight
- PDF
Install the Axiad Portal Extension Component
- Updated on 13 Dec 2024
- 4 Minutes to read
- Print
- DarkLight
- PDF
You can manually install the Axiad Portal Extension on a single browser, or, if you want to install it on multiple users' machines, you can automate the installation using Group Policy Objects (GPOs) or a third-party IT management solution.
WARNING
Ensure you have the Axiad WebPCSC component installed on your machine prior to installing the Axiad Portal Extension.
Manually Install and Validate the Axiad Portal Extension
Install on Google Chrome
Open Chrome.
Navigate to the Chrome web store.
In the search bar, enter Axiad Portal Extension.
Click Axiad Portal Extension.
Click Add to Chrome.
A pop-up message displays.Click Add extension.
The Axiad Portal Extension installs, and displays on your Chrome extension page.Browse and sign in to your Axiad Conductor site.
The MyIdentities page displays by default.Validate the extension:
On the MyIdentities page, click Add Identity Device.
An error message displays, informing you that the WebPCSC extension is not yet enabled.To the right of your address bar, click the Axiad Portal Extension icon.
A pop up displays, asking for access to your smart cards.Click Always.
The pop up closes.Refresh the page.
The Axiad Portal Extension validates.
Install on Microsoft Edge
Open Microsoft Edge.
Click the Extensions icon, to the right of your browser address bar.
Select Open Microsoft Edge Add-ons.
In the search bar, enter Axiad Portal Extension.
Click Get.
A pop up message displays.Click Add extension.
The Axiad Portal Extension installs, and displays to the right of your browser address bar.At the top right of your Edge browser, click the Extensions icon.
To the right of the Axiad Portal Extension, click ... > Manage Extension.
The Extensions page displays.
Enable Allow inPrivate.
Sign into your Axiad Conductor site.
The MyIdentities page displays by default.Validate the extension:
On the MyIdentities page, click Add Identity Device.
An error message displays, informing you that the WebPCSC extension is not yet enabled.To the right of your address bar, click the Axiad Portal Extension icon.
A pop up displays, asking for access to your smart cards.Click Always.
The pop up closes.Refresh the page.
The Axiad Portal Extension validates.
Automatically Install and Validate the Axiad Portal Extension (Chrome)
Automated Installation via GPO
Install and enable the Google Chrome policy template and WebPCSC value.
Download the Google Chrome policy template from https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip and unpack the downloaded zip file.
Copy the entire contents of the Windows\admx folder to your central store for Group Policy Administrative Template files.
(The default location for this is \<domain.fqdn>\SYSVOL\<domain.fqdn>\policies\PolicyDefinitions.)Open the Group Policy Management Console (gpmc.msc).
Either create a new Group Policy Object, or open an existing one you want to edit.
Navigate to either Computer Configuration or User Configuration.
Browse to Policies > Administrative Templates: Policy definitions > Google Chrome > Extensions.
Open the Configure the list of force-installed apps and extensions setting.
The setting dialog box displays.Click Enabled.
In the Options section, click Show.
The Show Contents window displays.Copy the following value for Axiad Portal Extension and paste it in the Show Contents window:
pbabkmdefcmabmlmnkmnlcijhcgmmdnc;https://clients2.google.com/service/update2/crx
Click OK.
Click Apply.
Click OK.
Add new registry keys for domains you want to safelist.
On your machine, navigate to either Computer Configuration or User Configuration folder.
Browse to the Preferences > Windows Settings > Registry folder.
Right-click the Registry folder and select New > Registry Item.
The New Registry Properties dialog box displays.On the General tab, create the following keys for each domain you want to safelist:
Hive: HKEY_LOCAL_MACHINE
Key path: SOFTWARE\Policies\Google\chrome\3rdparty\extensions\pbabkmdefcmabmlmnkmnlcijhcgmmdnc\policy
Value name: noedit
Value type: REG_DWORD
Value data: 1
------------------------Hive: HKEY_LOCAL_MACHINE Key path: SOFTWARE\Policies\Google\Chrome\3rdparty\extensions\pbabkmdefcmabmlmnkmnlcijhcgmmdnc\policy\whitelist
Value name: 1
Value type: REG_SZ
Value data: Provide the domain name here (ex: ucms.domaintest.com)
Open a command prompt.
Run
gpupdate /force
on the Domain Controller at the command prompt.
If your changes do not reflect immediately, you may need to wait for the next default time interval.On the client machine (domain):
Open a command prompt.
Run
gpupdate /force
on the Domain Controller at the command prompt.Open Chrome.
Click Extensions > More Tools to confirm that Axiad Portal Extension is in the Chrome extension list.
Navigate to the HKLM > Software > Policies > Google > Chrome > 3rdparty > extensions > pbabkmdefcmabmlmnkmnlcijhcgmmdnc > policy > whitelist folder to verify the registry keys you created in step 2d display.
Validate the Axiad Portal Extension in the Axiad Conductor.
Log into your Axiad Unified Portal.
To the right of your address bar, click the Axiad Portal Extension icon.
A pop up displays, asking for access to your smart cards.Click Always.
The pop up closes.Refresh the page.
The Axiad Portal Extension is now validated.
Automated Installation via Third-party IT Management Solution
As an alternative to GPO deployments, you can deploy Axiad Portal registry settings via an automated rollout using a third-party IT management solution.
On the remote machine, execute the default registry file below to install and safelist the correct domains:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist]
"1"="pbabkmdefcmabmlmnkmnlcijhcgmmdnc;https://clients2.google.com/service/update2/crx"
; WebPCSC Bridge Config (Google Chrome)
[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\3rdparty\extensions\pbabkmdefcmabmlmnkmnlcijhcgmmdnc\policy]
; Controls whether or not the user may influence the whitelist.
; If true (1), limit the user to only hosts whitelisted ahead of time.
; If false (0), let the user approve or deny access to any host not whitelisted ahead of time.
"noedit"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\3rdparty\extensions\pbabkmdefcmabmlmnkmnlcijhcgmmdnc\policy\whitelist]
; Provides a preseeded whitelist of hosts that the WebPCSC Bridge will trust automatically.
; Create values of type REG_SZ numbering from 1 to N for as many entries as you desire.
"1"="portal-<UATstack>.demo.axiadids.net"
"2"="portal-<stack>.cloud.axiadids.net"