Time Tracking

ION automatically tracks the time users spend executing steps in runs. When a user first begins a step they are automatically clocked in to that step. When a user completes, places a step on hold, places a step in redline, or fails a step they are automatically clocked out.

If you want to check how long you've been clocked into a step, check the time clock next to the step state in execution mode.

If you'd like to manually record time against a step you can click the time clock to start or stop it. The Currently Clocked Into widget on the home screen shows what steps you're clocked into.

Mouse over the user avatars on a step to get more information about how long each user was clocked into a step.

Users that previously clocked into a step will be displayed in the list of checked-in users with muted colors. Users currently clocked into a step will be displayed regularly.

Using a smart card badge for login authentication

Badge authentication can make it easy for multiple users to login via their badge and check into operations, buyoff steps, etc. Below is an example of badge authentication to Windows 10 hosts that has been successful by using the following technologies:

  • Smart card: Taglio PIVKey C910

  • Smart card reader: HID Omnikey 5422

  • Smart card certificate: Smart Card Logon

  1. Configure a Smart Card Logon certificate template on internal Windows Certificate Authority ADCS.

  2. Explicitly grant a predefined security group access to read/enroll via the template’s permissions.

  3. Write a PowerShell script to simplify the process of requesting a certificate (certreq), setting a pin on the badge PivKeyTool), and writing the certificate to the badge (certutil).

  4. After the PowerShell script completes successfully, the badge can then be used to login to a Windows 10 device.

  5. The user must insert/touch their badge to the reader, and input their pin.

  6. We’ve seen a successful authentication rollup from the OS to the browser (Chrome/Edge), which automatically authenticates the user to Azure AD. This helps the workflow immensely, as they can easily reach First Resonance ION soon after login.

Some improvements during your implementation may consider making the certificate request process easier, as well as implementing automated smart card certificate revocation on our CA to avoid users having multiple certificates on multiple badges.

Last updated