The PingID integration for Windows login should be installed individually on each Windows machine requiring the PingID authentication service.
If you are installing PingID integration for Windows login through PingFederate, make sure you have completed all steps in Integrating through PingFederate before installing PingID integration for Windows login on the Windows machine.
Adding any multi-factor authentication (MFA) is a procedure that carries the risk of being locked out of the machine. Before proceeding with the installation, consider the following:
- If third party Credential Providers are in use on the target machine or server, you should remove them manually before installing the PingID integration for Windows login. You should also only test compatibility between various Credential Providers on lab machines that do not hold important information.
- Several verifications are done on the parameters supplied for the installation, to minimize any locking. The PingID integration for Windows login permits recovery from a lockout scenario, by restarting the machine in safe mode.
- To avoid restarting the machine due to lockout, keep an open session with admin permissions.
- Restart the machine on successful completion of the installation process.
- For the UI wizard: The UI installation wizard prompts the installer to restart (default). Admins can select the option to defer the restart.
- For the CLI: By default, on completion of a successful installation through the CLI, the machine automatically restarts. Admins can add the command line option /NORESTART to prevent the automatic restart.
The installation of PingID requires the following prerequisites:
- Administrator privileges on the target Windows machine.
- An active internet connection on the target Windows machine.
- A copy of the organization's pingid.properties file (generated with the button in the Integrate with Windows login section). For more information on the properties file, see Managing the PingID properties file.