Versions Compared
compared with
Key
- This line was added.
- This line was removed.
- Formatting was changed.
The latter implements a provider of multi-factor authentication for Microsoft ADFS server, thus adding the second factor to the access gaining process.
Info |
---|
Files of Indeed AM ADFS Extension reside in: indeed AM\Indeed ADFS Extension\<Version number>\
|
Installation and configuration of ADFS Extension
- Install Indeed ADFS Extension by running IndeedId.ADFS. IndeedAM.ADFS.Extension-x64.msi installer.
Create a configuration file named MFAAdapter.json with the following parameters.
Info Code Block language js title Example { "ServerType":"eaNet", "EANetServerURL":"http://YourDomainName/easerver/", "ModeId":"{0FA7FDB4-3652-4B55-B0C0-469A1E9D31F0}", "LSEventCacheDirectory": "C:\\EventCacheEa\\" }
Run PowerShell as administrator. Enter the following data to register an adapter:
Info YourPatch\MFAAdapter.json - specify full path to the previously created configuration file.
Note Specify the version number of Indeed ADFS Extension used in $typeName variable, Version parameter.
Code Block language powershell title Example $typeName = "IndeedId.ADFS.MFAAdapter.MFAAdapter, IndeedId.ADFS.MFAAdapter, Version=1.0.6.0, Culture=neutral, PublicKeyToken=1ebb0d9282100d91" Register-AdfsAuthenticationProvider -TypeName $typeName -Name "Indeed Id MFA Adapter" -ConfigurationFilePath ‘YourPatch\MFAAdapter.json’
To remove an adapter, execute the following command:
Code Block language powershell title Example Unregister-AdfsAuthenticationProvider -Name "Indeed Id MFA Adapter"
To update configuration, execute the following command:
Code Block language powershell title Example Import-AdfsAuthenticationProviderConfigurationData -Name "Indeed Id MFA Adapter" -FilePath ‘YourPatch\MFAAdapter.json’
Activation of multi-factor authentication for ADFS.
- Open AD FS management console.
- Select “Authentication policies”“Authentication policies”, and then select “Modify “Modify global multi-factor authentication...” in “Actions” “Actions” window.
- Add a user/group and enable the following parameters:
- Select “Extranet” and “Intranet” in “Location” item.
- Select "Indeed Id MFA Adapter” provider.
- Restart the AD FS service to apply the changes.
Example of extension operation.
- Open ADFS test page: https://YourDomainName/adfs/ls/idpinitiatedsignon. htm
- Perform logging in.
- Specify the second factor data after entering the username and password.Image Added
- If all data is entered correctly, log in is executed.
Backtotop