Versions Compared
compared with
Key
- This line was added.
- This line was removed.
- Formatting was changed.
| Warning | ||
|---|---|---|
| ||
After changing the configuration file restart application pool IdP in IIS Manager. |
Go to C:\inetpub\wwwroot\pam\idp and edit file appsettings.json:
Section IdentitySettings
DirectoryMechanism — Mechanism of authentication.
Authentication — Authentication provider.
Code Block "IdentitySettings": { ... "DirectoryMechanism": "Radius", "Authentication": "Local", ... }
Section Radius
AuthenticationScheme — authentication scheme in radius. Possible parameters:
PAP,CHAP,MSCHAPV2. The PAP scheme is insecure.Note Using CHAP authentication in windows, it is necessary to enable "Store passwords using reversible encryption" in the user account settings and update the user's password.
- AuthenticationUserName —name format for authentication.
- Possible parameters:
- NameWithoutDomain — name without domain (for authentication in FreeRadius)
- SamCompatibleName — name in the format INDEED\\user
- PrincipalName — name in the format user@indeed.domain
- Possible parameters:
- Secret — secret for the additional authentication of the component.
- Timeout —timeout waiting for a radius server response.
- RemoteEndpoint:
- Address — radius server address for connection.
Port — radius server port for connection (default port: 1812).
Code Block "Radius": { "AuthenticationScheme": "MSCHAPV2", "AuthenticationUserName": "PrincipalName", "Secret":"ENCRYPTED_CfDJ8MPJ7V58kgpLvtoHgdiuk5VKMK_hf3r437uZdHjdZAfve5wtVvgDZPjjDm7bgjCXKM5XM", "Timeout": 10, "RemoteEndpoint": { "Address": "PAM_RADIUS_SERVER", "Port": 1812 }
| Divbox | ||||
|---|---|---|---|---|
| ||||
|