Chat now with support
Chat with Support

Defender 6.6 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Push Notifications Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Configuring OneLogin Portal

You can use OneLogin Protect/OneLogin SMS to authenticate and get access to resources protected with Defender. To start using OneLogin Protect/OneLogin SMS, you need to download and install it. Lastly, activate it by importing an activation code from OneLogin portal.

 

Defender Side Configuration

  1. Program the OneLogin Defender Token: Program the OneLogin Token from ADUC for the user and do not activate it.

  2. Update User Properties: Update the below User Properties from the ADUC (Active Directory Users and Computers) to sync the users with the OneLogin:

    • First Name
    • Last Name
    • Display Name
    • Email (this email address will be used to login to OneLogin Portal with same AD Password)
  3. Input OneLogin API credential in Policy properties Dialog: On install/Upgrade to Defender version 6.5.0, a new tab named OneLogin Token under policies Properties Dialog is visible. Admin needs to enter OneLogin API credentials to use OneLogin Push Notification with OneLogin protect app for that policy. Click Apply to save the credentials. To update credentials, click UPDATE credentials.

OneLogin Side Configuration - Creating a OneLogin Tenant account

Create a OneLogin Tenant account. After Tenant account creation, create new credentials:

  1. Login to the Admin OneLogin Portal.
  2. Go to Developers -> API Credentials.
  3. Create a new credential.

Synchronizing User Data

Follow the below steps to Sync the AD Users with OneLogin:

  1. Login using developers account credentials to the OneLogin portal using address: <subdomain>.onelogin.com.

  2. Go to Users->Directories, then select Active Directory and download “onelogin_ad_connector.msi”.

  3. Copy the token generated and use it to install the “OneLogin Connector” tool.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating