4.1. Workflow Profiles Page

Workflow profiles can be created or edited on the Workflow Profiles page of the Kiosk Management Console, as well as configuring user authentication.

Note: Any users (Windows or Guest) that are not included in one of the defined profiles will be assigned the Default profile (if "Default login" is enabled).
Note: Workflow profiles labeled with an "!" do not match with any existing Core security rules. You must select a corresponding MetaDefender Core in the 4.5. Selecting a Server to Process Files section.


The followings are the default workflows:




Users that are not covered by other profiles.


Account used when Guest Login is selected.

Enabling user authentication

To enable user authentication, select the Require user authentication checkbox on the Workflows page.

If you enable user authentication, you can choose between using the default MetaDefender Kiosk authentication or using a custom authentication module that has been installed on that MetaDefender Kiosk. For more information, see 11.1. Custom Authentication Module.
If you are using the default MetaDefender Kiosk authentication you can choose between authenticating against the local Active Directory (Windows user login), a remote Active Directory server, or not enabling authenticated login.


Windows user login

If Windows user login is enabled, you can choose whether to restrict the users by domain.
If selected, only users on the same domain as the system are allowed to use MetaDefender Kiosk.
If this is not selected, users will be able to enter authentication information for users on any domain as well as local system users.


Remote Active Directory

If Remote Active Directory authentication is enabled, the URL of the remote Active Directory server, as well as user credentials to authenticate against the server are required.
These credentials will be used to retrieve the list of users from the remote AD server for the purposes of assigning users to specific workflows.

Note: when using the Remote Active Directory authentication the Kiosk end user credentials are not used for copying files as part of the MetaDefender Kiosk workflows.


A message next to the "Remote Active Directory" radio button will show in real time whether Kiosk is able to connect to the AD server.
For "Server URL", input can either be the IP or DNS name of the AD server; "<ip or dns name>:<port>".
The default port 389 (636 if SSL is enabled) will be used if one is not supplied.

Kiosk will log users onto the domain specified in the "Domain" field.
If the field is blank, users will be required to type in the domain along with their username at the login screen (e.g. "<domain>\<username>").

Creating a new workflow profile

To create a new workflow profile, click Create New Profile . You will be guided through the process of creating a new MetaDefender Kiosk Workflow profile. After the profile has been created, each step in the workflow can be edited independently.