This article will walk you through the process of getting the Enzoic for Active Directory Client (the workstation piece with all the fun password feedback) working with AuthLite.
The first scenario listed below is configured to allow Enzoic to control the flow and wrap AuthLite. You can also configure this the other way, and there should be no difference for the end user's experience. Getting started, assuming you have both applications installed and configured, you will need to make two changes.
1. First you will need to open the Enzoic for Active Directory application on one of your DCs, or a workstation if you have installed it there. You will need to navigate to Settings and then Client Settings. Once there you will input AuthLite's credential provider CLSID ({c11120ea-1855-4b53-85af-b808e42ca018}) in the Alternate Credential Provider GUID field. See the below screenshot for reference:
2. Second you will now need to add the Enzoic Workstation Client CLSID to AuthLite's registry. To do this open up the registry and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Collective Software\Authlite if any of those locations do not exist, you will need to create them.
!READ! - There is another Collective Software location that is NOT under Policies. DO NOT USE THAT ONE.
Once you are there you will need to create a key called CredProvChainedBy which will have a string value of our CLSID: {C6522CF0-8F6E-4E5A-BC65-9D3B7E8390C2}
See the below screenshot for reference.
If you wish to have AuthLite wrap Enzoic then the change is quite simple. First in Enzoic move the AuthLite GUID out of the Alternate Credential Provider GUID and into the Credential Provider Whitelist GUIDs list. Then navigate back to the same Registry location as above and change the name of the key from CredProvChainedBy to CredprovChain.
In both scenarios you should be able to receive your OTPs as well as see Enzoic's password policies and rejection reasons.