Configuring Parallels RAS for Deepnet
List of Supported Tokens
-
SafeID
-
FlashID
-
MobileID
-
QuickID
-
GridID
-
SecureID (RSA)
-
DigiPass (Vasco)
Connect to Deepnet Unified Authentication
-
In the RAS Console, select the
Connection
category and then click the
Second Level Authentication
tab.
-
In the
Provider
drop-down list, select
Deepnet
and click the
Settings
button. The
Deepnet Properties
dialog opens.
-
On the
Connection
tab, enter the server name and port that you saved while setting up your Authentication Sever. By default, the port number is set to 8080. Click on
Check Connection
to test that your Authentication Server can be reached. You can choose to connect over SSL to your Deepnet server.
-
Click the
Application
tab.
-
Select the application profile that will use Deepnet to authenticate its users. You can also create an application which will be added on the Deepnet server.
-
The
Default Domain
field enables you to choose the default domain user for authentication and when users are added. Any Deepnet user accounts imported or verified will be done so using this default domain.
-
Select the
Use LDAP
option when importing Deepnet user accounts and a group that contains other sub-groups.
-
Click the
Import Deepnet user accounts
button to automatically add the specified users/groups to the Deepnet application.
-
Click the
Verify Deepnet user account names
button to check that all users in the Deepnet application are in the following format: \\domain\username. Users added in the format of username@domain will be automatically changed to the appropriate format and users without a domain will have the default domain assigned to them.
-
Click the
Authentication
tab.
-
In the
Mode
drop-down list, select the mode how you want your users to be authenticated:
-
Mandatory for all users
means that every user using the system must log in using two-factor authentication.
-
Create token for Domain Authenticated Users
will allow Parallels RAS to automatically create software tokens for Domain Authenticated Users. Choose a token type from the drop down list. Note that this option only works with software tokens.
-
Use only for users with a Deepnet account
will allow users that do not have a Deepnet account to use the system without having to log in using two-factor authentication. Note that if a user has a Deepnet account, but the account is configured as not required to use 2FA, the AD authentication will be used instead.
-
In the
Allow Channels
section, you can specify what channels are available to the user to activate the token or when requesting a Quick ID OTP. For example, if you select
Email
, the activation code can be sent only via email. If you select
SMS
, the activation code is sent via SMS.
|