Replay Windows to support RDP and other re-authenticating protocols
When a user wants to connect to a service, they enter their credentials one time, and expect the software to use these values as many times as needed in order to log on and maintain their session. Some network protocols such as Outlook Anywhere and Terminal Services authenticate at each hop along the way from the client to the final destination server. Outlook opens and closes connections periodically, attempting to use the same credentials that the user entered to log in each time. HTTP "basic" authentication provides the same credentials for each connection.
Since AuthLite is a "one-time passcode" system, normally every attempt to use the same OTP again would result in the request being denied. In order to support multiple-authentication protocols, we provide a way to tell AuthLite to allow a user's latest OTP entry to be "replayed" for a certain amount of time without denying the authentication attempt.
This setting is controlled by the "Replay Windows" item of the AuthLite configuration tool. (See Figure).
Each Replay Window you define applies to a set of one or more computers or IP addresses/ranges on the network. Replay Windows are enforced by the domain controllers.
NOTE: As with most AuthLite settings, Replay Window configuration can take 20 minutes to propagate to all systems.
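The decision a replay window implies can be sketched as a simplified model. This is an added example, not AuthLite's code or configuration format: the class and method names, the CIDR and time values, and the OTP strings are constructed. It also assumes the window is timed from the first acceptance of the OTP and matched against the source address of the repeated attempt.

```python
import hmac
import ipaddress

class ReplayWindowModel:
    """Simplified model of OTP replay windows (hypothetical, not AuthLite's implementation)."""

    def __init__(self, windows, unused_otps):
        # windows: list of (CIDR string, seconds) pairs; constructed values.
        self.windows = [(ipaddress.ip_network(n), s) for n, s in windows]
        # Stand-in for real OTP verification: per-user set of not-yet-used codes.
        self.unused = {u: set(c) for u, c in unused_otps.items()}
        self.latest = {}  # user -> (otp, time it was first accepted)

    def _window_for(self, source_ip):
        ip = ipaddress.ip_address(source_ip)
        secs = [s for net, s in self.windows if ip in net]
        # Assumption of this model: overlapping windows resolve to the longest.
        return max(secs) if secs else None

    def authenticate(self, user, otp, source_ip, now):
        # A never-used OTP is accepted once and becomes the user's latest entry.
        if otp in self.unused.get(user, set()):
            self.unused[user].remove(otp)
            self.latest[user] = (otp, now)
            return "accept-fresh"
        last = self.latest.get(user)
        # Only the latest OTP entry is eligible for replay.
        if last is None or not hmac.compare_digest(last[0], otp):
            return "deny-not-latest"
        window = self._window_for(source_ip)
        if window is None:
            return "deny-no-window"      # source not covered by any replay window
        if now - last[1] > window:
            return "deny-expired"        # replay time has elapsed
        return "accept-replay"

def demo():
    # One constructed window: 10 minutes for the 10.0.5.0/24 range.
    m = ReplayWindowModel([("10.0.5.0/24", 600)], {"alice": {"111111", "222222"}})
    return [
        m.authenticate("alice", "111111", "10.0.5.20", 0),    # first use
        m.authenticate("alice", "111111", "10.0.5.20", 300),  # reconnect inside window
        m.authenticate("alice", "111111", "192.0.2.7", 310),  # source outside the range
        m.authenticate("alice", "111111", "10.0.5.20", 601),  # window elapsed
        m.authenticate("alice", "222222", "10.0.5.20", 700),  # new OTP entered
        m.authenticate("alice", "111111", "10.0.5.20", 705),  # older OTP, no longer latest
    ]
```

The model makes the trade-off visible: within the window and from a covered source, a captured OTP is as reusable as a password, so the address ranges and durations should be kept as narrow as the re-authenticating protocol allows.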