Customer administrator issued certificates can be used standalone or used with RAS/RSS. When there is no RAS/RSS support, certificate is solely rely on its own definitions in file for various privileges. But in best practice, customer should set up his own Remote Auth Service (RAS). The most common RAS server is SyncOffice Authenticator.
SyncOffice Authenticator is a freeware Delphi FMX application. It's not constrained by license and no need to login to Teleon service. It could run on Windows, macOS, Linux, Android and iPhone/iPad. For the time being, Teleon only publish its Windows edition for desktop/laptop PC for security reason. Customer can order his own specific editions, such as Android, iOS editions for mobile devices.
SyncOffice Authenticator accepts uploaded certificate's remote attributes from SyncOffice Manager and stores the data locally in a data file repository. Later on, once the certificate's user try login from SyncOffice or boot up SyncOS/SyncOffice-VA, they will send authorization request to SyncOffice Authenticator use certificate id as key. SyncOffice Authenticator retrieves the certificate's remote-control related attributes value from local repo and reply to the authorization request.
SyncOffice Authenticator is developed by Teleon from scratch, mainly using Embarcadero Rad Studio. Some of these key technologies and sources include:
Whether or not applying RAS/RSS for authorization, customer administrator can add an extra remote control: that is Access Passcode. Once a certificate is defined to use access passcode control, the authorization process will generate an AccessCode and the end-user is notified. The end user need to contact his administrator for the paired Passcode for this AccessCode. The administrator can use SyncOffice Authenticator to generate this certificate's Passcode for this AccessCode and inform the end-user to manually input it. In such situation, the administrator needs to have a Windows PC along with him.