# New-RASMFA ## NAME New-RASMFA ## SYNOPSIS Creates a new Multi Factor Authentication. ## SYNTAX **New-RASMFA** \[[Name](#name-string)] *(string)*\*\* \[\[-[SiteId](#siteid-string)] *(uint)*] -[Deepnet](#deepnet-string) *(SwitchParameter)* -[DeepnetAgent](#deepnetagent-string) *(string)* -[DeepnetPort](#deepnetport-string) *(uint)* -[DeepnetServer](#deepnetserver-string) *(string)* \[[ActivateEmail](#activateemail-string) *(bool)*] \[[ActivateSMS](#activatesms-string) *(bool)*] \[[App](#app-string) *(string)*] \[[AppID](#appid-string) *(string)*] \[-[AuthMode](#AuthMode) {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] \[[DefaultDomain](#defaultdomain-string) *(string)*] \[[Description](#description-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[[SSL](#ssl-string) *(bool)*] \[-[TokenType](#TokenType) {MobileID | QuickID}] \[*(*[*CommonParameters*](#CommonParameters)*)*] **New-RASMFA** \[[Name](#name-string)] *(string)*\*\* \[\[-[SiteId](#siteid-string)] *(uint)*] -[DisplayName](#displayname-string) *(string)* -[EmailOTP](#emailotp-string) *(SwitchParameter)* \[[ADCustomAttribute](#adcustomattribute-string) *(string)*] \[[AllowEnrollExternalEmail](#allowenrollexternalemail-string) *(bool)*] \[[Description](#description-string) *(string)*] \[[EmailContent](#emailcontent-string) *(string)*] \[[EmailSubject](#emailsubject-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[-[ExternalEmailStorage](#ExternalEmailStorage) {RASDatabase | ADMail | ADCustom}] \[[OTPLength](#otplength-string) *(uint)*] \[[OTPLifespanSec](#otplifespansec-string) *(uint)*] \[-[ShowInformationForUnenrolledUsers](#ShowInformationForUnenrolledUsers) {Always | IfEnrollmentIsAllowed | Never}] \[[UntilDateTime](#untildatetime-string) *(DateTime)*] \[-[UserEnrollment](#UserEnrollment) {Allow | AllowUntil | DoNotAllow}] \[[UserMessagePrompt](#usermessageprompt-string) *(string)*] \[*(*[*CommonParameters*](#CommonParameters)*)*] **New-RASMFA** \[[Name](#name-string)] *(string)*\*\* \[\[-[SiteId](#siteid-string)] *(uint)*] -[DisplayName](#displayname-string) *(string)* -[Radius](#radius-string) *(SwitchParameter)* -[RadiusPort](#radiusport-string) *(uint)* -[RadiusServer](#radiusserver-string) *(string)* -[Retries](#retries-string) *(uint)* -[SecretKey](#secretkey-string) *(SecureString)* -[Timeout](#timeout-string) *(uint)* \[[BackupServer](#backupserver-string) *(string)*] \[[Description](#description-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[[EnforceMessageAuthenticator](#enforcemessageauthenticator-string) *(bool)*] \[[ForwardFirstPwdToAD](#forwardfirstpwdtoad-string) *(bool)*] \[-[HAMode](#HAMode) {Parallel | Serial}] \[-[PasswordEncoding](#PasswordEncoding) {PAP | CHAP | PAP\_UTF8 | CHAP\_UTF8}] \[-[RadiusType](#RadiusType) {Radius | AzureRadius | DuoRadius | FortiRadius | TekRadius}] \[[UserMessagePrompt](#usermessageprompt-string) *(string)*] \[[UsernameOnly](#usernameonly-string) *(bool)*] \[*(*[*CommonParameters*](#CommonParameters)*)*] **New-RASMFA** \[[Name](#name-string)] *(string)*\*\* \[\[-[SiteId](#siteid-string)] *(uint)*] -[OTPServiceURL](#otpserviceurl-string) *(string)* -[Safenet](#safenet-string) *(SwitchParameter)* \[[Description](#description-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[-[SafenetAuthMode](#SafenetAuthMode) {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] \[[TMSWebApiURL](#tmswebapiurl-string) *(string)*] \[[UserRepository](#userrepository-string) *(string)*] \[*(*[*CommonParameters*](#CommonParameters)*)*] **New-RASMFA** \[[Name](#name-string)] *(string)*\*\* \[\[-[SiteId](#siteid-string)] *(uint)*] -[DisplayName](#displayname-string) *(string)* -[TOTP](#totp-string) *(SwitchParameter)* \[-[AuthenticatorAccountName](#AuthenticatorAccountName) {SiteFarmName | ThemeName | TOTPDisplayName}] \[[Description](#description-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[-[ShowInformationForUnenrolledUsers](#ShowInformationForUnenrolledUsers) {Always | IfEnrollmentIsAllowed | Never}] \[[Tolerance](#tolerance-string) *(uint)*] \[-[TOTPType](#TOTPType) {GAuthTOTP | TOTP | MicrosoftTOTP}] \[[UntilDateTime](#untildatetime-string) *(DateTime)*] \[-[UserEnrollment](#UserEnrollment) {Allow | AllowUntil | DoNotAllow}] \[[UserMessagePrompt](#usermessageprompt-string) *(string)*] \[*(*[*CommonParameters*](#CommonParameters)*)*] ## DESCRIPTION Creates a new Multi Factor Authentication. ## PARAMETERS ## Name (string) The name of the target Multi Factor Authentication. This must be the actual Multi Factor Authentication name used in the RAS farm. ``` Required? true Position? 0 Default value Accept pipeline input? false Accept wildcard characters? false ``` ## SiteId (uint) Site ID in which to modify the specified Multi Factor Authentication. If the parameter is omitted, the site ID of the Licensing Server will be used. ``` Required? false Position? 1 Default value 0 Accept pipeline input? false Accept wildcard characters? false ``` ## Description (string) A user-defined Multi Factor Authentication description. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Enabled (bool) Enable or disable the Multi Factor Authentication upon creation. If the parameter is omitted, the Multi Factor Authentication is initialised as Disabled. ``` Required? false Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## Deepnet (SwitchParameter) ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## ActivateEmail (bool) Whether the activation email is enabled or disabled. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## ActivateSMS (bool) Whether the activation SMS is enabled or disabled. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## App (string) A value that represents the application name. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## AppID (string) A value that represents the application ID. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## AuthMode ([DeepnetAuthMode](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/deepnetauthmode)) Authentication mode which defines the type of user for which a token will be created. Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithDeepnetAcc ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DeepnetAgent (string) A value that represents the name of Deepnet Agent. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DefaultDomain (string) A value that represents the Default Domain. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## SSL (bool) Whether SSL is allowed or not. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DeepnetServer (string) The server of the second level authentication provider. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DeepnetPort (uint) The port number of the second level authentication provider. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## TokenType ([TokenType](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/tokentype)) Token Type (Mobile ID or Quick ID). Possible values: MobileID, QuickID ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Radius (SwitchParameter) Radius SwitchParameter ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## RadiusType ([RadiusType](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/radiustype)) RADIUS Type Possible values: Radius, AzureRadius, DuoRadius, FortiRadius, TekRadius ``` Required? false Position? named Default value Radius Accept pipeline input? false Accept wildcard characters? false ``` ## RadiusServer (string) The server of the second level authentication provider. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## RadiusPort (uint) The port number of the second level authentication provider. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## PasswordEncoding ([PasswordEncoding](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/passwordencoding)) The type of password encoding to be used. Possible values: PAP, CHAP, PAP\_UTF8, CHAP\_UTF8 ``` Required? false Position? named Default value PAP Accept pipeline input? false Accept wildcard characters? false ``` ## Retries (uint) Number of retries. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Timeout (uint) Connection timeout (in seconds). ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DisplayName (string) RADIUS type name. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## UsernameOnly (bool) Specifies if forwarding of only the Username to RADIUS Server is enabled or not. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## ForwardFirstPwdToAD (bool) Specifies if forwarding of first password to Windows authentication provider is enabled or not. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## BackupServer (string) The backup server of the second level authentication provider. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## HAMode ([HAMode](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/hamode)) The type of high availability mode to be used. Possible values: Parallel, Serial ``` Required? false Position? named Default value Parallel Accept pipeline input? false Accept wildcard characters? false ``` ## SecretKey (SecureString) RADIUS setting. The secret key. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## EnforceMessageAuthenticator (bool) Specifies whether to enforce message authenticator from radius server or not. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Safenet (SwitchParameter) Safenet SwitchParameter ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## SafenetAuthMode ([SafeNetAuthMode](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/safenetauthmode)) SafeNet Authentication Mode Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithSafeNetAcc ``` Required? false Position? named Default value MandatoryForAllUsers Accept pipeline input? false Accept wildcard characters? false ``` ## OTPServiceURL (string) OTP Service URL ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## UserRepository (string) A value representing User Store ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## TMSWebApiURL (string) The URL of the web service ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## TOTP (SwitchParameter) TOTP SwitchParameter ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## TOTPType ([TOTPType](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/totptype)) TOTP Type Possible values: GAuthTOTP, TOTP, MicrosoftTOTP ``` Required? false Position? named Default value GAuthTOTP Accept pipeline input? false Accept wildcard characters? false ``` ## UserEnrollment ([UserEnrollment](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/userenrollment)) Use of Enrollment Possible values: Allow, AllowUntil, DoNotAllow ``` Required? false Position? named Default value Allow Accept pipeline input? false Accept wildcard characters? false ``` ## ShowInformationForUnenrolledUsers ([ShowInformationForUnenrolledUsers](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/showinformationforunenrolledusers)) Show information for unenrolled users Possible values: Always, IfEnrollmentIsAllowed, Never ``` Required? false Position? named Default value IfEnrollmentIsAllowed Accept pipeline input? false Accept wildcard characters? false ``` ## UntilDateTime (DateTime) Allow User Enrollment until date/time ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Tolerance (uint) TOTP tolerance in seconds. Accepted values are 0 (None), 30, 60, 90 and 120 ``` Required? false Position? named Default value 0 Accept pipeline input? false Accept wildcard characters? false ``` ## AuthenticatorAccountName ([AuthenticatorAccountName](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/authenticatoraccountname)) What to display as an account when registering the TOTP via QR Code Possible values: SiteFarmName, ThemeName, TOTPDisplayName ``` Required? false Position? named Default value SiteFarmName Accept pipeline input? false Accept wildcard characters? false ``` ## EmailOTP (SwitchParameter) Email OTP SwitchParameter ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## OTPLifespanSec (uint) The lifespan of the OTP (seconds) ``` Required? false Position? named Default value 60 Accept pipeline input? false Accept wildcard characters? false ``` ## ExternalEmailStorage ([ExternalEmailStorage](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/externalemailstorage)) The storage where the external email is stored Possible values: RASDatabase, ADMail, ADCustom ``` Required? false Position? named Default value RASDatabase Accept pipeline input? false Accept wildcard characters? false ``` ## EmailContent (string) The content of the email. Possible variables: %OTP%, %DURATION% ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## EmailSubject (string) The subject of the email. Possible variables: %OTP% ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## UserMessagePrompt (string) User message prompt ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## ADCustomAttribute (string) AD Custom Attribute ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## AllowEnrollExternalEmail (bool) Allow enrollment of external email ``` Required? false Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## OTPLength (uint) The length of the OTP generated ``` Required? false Position? named Default value 6 Accept pipeline input? false Accept wildcard characters? false ``` (CommonParameters) ``` This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see about_CommonParameters documentation. ``` ## INPUTS -none- ## OUTPUTS [MFADeepnet](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/mfadeepnet) [MFAEmailOTP](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/mfaemailotp) [MFARadius](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/mfaradius) [MFASafenet](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/mfasafenet) [MFATOTP](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/types/mfatotp) ## EXAMPLES **---------- EXAMPLE 1 ----------** New-RASMFA "MFA" Creates a new Multi Factor Authentication with the specified name. ## RELATED LINKS * [Get-RASMFA](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/commands/get-rasmfa) * [Remove-RASMFA](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/commands/remove-rasmfa) * [Invoke-RASMFA](https://docs.parallels.com/landing/ras-powershell-api-guide/parallels-ras-powershell-admin-module/commands/invoke-rasmfa)