To configure multi-factor authentication using a RADIUS server on the RSTS
-
Start a web browser and open the URL of the RSTS administration interface.
https://<webapplication>/RSTS/admin
Use the configuration password assigned during installation to log in.
-
On the home page, click Authentication providers.
-
On the Authentication Providers page, select the Default Active Directory default provider and click Edit.
-
On the Edit page, select the Authentication provider tab and edit the following settings.
-
Directory Type > Active Directory: enabled
-
Connection Information > Use Current Domain: enabled
-
-
Select the Two Factor Authentication tab and edit the settings for your Defender Security Server.
-
Two Factor Authentication Settings > RADIUS: enabled
-
Server, Port, Shared Secret and Username Attributes: Connection data for the RADIUS server.
-
(Optional) Connection Information > Pre-authenticate For ChallengeResponse: Uses the response text of the defender, instead of the default RADIUS response text.
-
-
Switch to the home page and select Applications.
-
On the Applications page, click Add Application.
-
On the Edit page, select the General Settings tab and edit the following settings.
-
Application Name, Authentication Provider, Realm/Client_ID/Issuer, Redirect Url
The redirect URL for the Web Portal (Redirect Url) is formed as follows: https://<Server>/<Application Name>/
-
-
Select the Certificates tab and under Signing Certificate (Required) activate the signing certificate that you specified when installing the RSTS.
For more information, see Multi-factor authentication with One Identity Defender.
-
Click Finish.