# New-RASMFA.md ## NAME New-RASMFA ## SYNOPSIS Creates a new Multi Factor Authentication. ## SYNTAX **New-RASMFA** \[[Name](#name-string)] *(string)* \[\[-[SiteId](#siteid-string)] *(uint)*] -[Deepnet](#deepnet-string) *(SwitchParameter)* -[DeepnetAgent](#deepnetagent-string) *(string)* -[DeepnetPort](#deepnetport-string) *(uint)* -[DeepnetServer](#deepnetserver-string) *(string)* \[[ActivateEmail](#activateemail-string) *(bool)*] \[[ActivateSMS](#activatesms-string) *(bool)*] \[[App](#app-string) *(string)*] \[[AppID](#appid-string) *(string)*] \[-[AuthMode](#AuthMode) {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] \[[DefaultDomain](#defaultdomain-string) *(string)*] \[[Description](#description-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[[SSL](#ssl-string) *(bool)*] \[-[TokenType](#TokenType) {MobileID | QuickID}] \[*(*[*CommonParameters*](#CommonParameters)*)*] **New-RASMFA** \[[Name](#name-string)] *(string)* \[\[-[SiteId](#siteid-string)] *(uint)*] -[DisplayName](#displayname-string) *(string)* -[EmailOTP](#emailotp-string) *(SwitchParameter)* \[[ADCustomAttribute](#adcustomattribute-string) *(string)*] \[[AllowEnrollExternalEmail](#allowenrollexternalemail-string) *(bool)*] \[[Description](#description-string) *(string)*] \[[EmailContent](#emailcontent-string) *(string)*] \[[EmailSubject](#emailsubject-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[-[ExternalEmailStorage](#ExternalEmailStorage) {RASDatabase | ADMail | ADCustom}] \[[OTPLength](#otplength-string) *(uint)*] \[[OTPLifespanSec](#otplifespansec-string) *(uint)*] \[-[ShowInformationForUnenrolledUsers](#ShowInformationForUnenrolledUsers) {Always | IfEnrollmentIsAllowed | Never}] \[[UntilDateTime](#untildatetime-string) *(DateTime)*] \[-[UserEnrollment](#UserEnrollment) {Allow | AllowUntil | DoNotAllow}] \[[UserMessagePrompt](#usermessageprompt-string) *(string)*] \[*(*[*CommonParameters*](#CommonParameters)*)*] **New-RASMFA** \[[Name](#name-string)] *(string)* \[\[-[SiteId](#siteid-string)] *(uint)*] -[DisplayName](#displayname-string) *(string)* -[Radius](#radius-string) *(SwitchParameter)* -[RadiusPort](#radiusport-string) *(uint)* -[RadiusServer](#radiusserver-string) *(string)* -[Retries](#retries-string) *(uint)* -[SecretKey](#secretkey-string) *(SecureString)* -[Timeout](#timeout-string) *(uint)* \[[BackupServer](#backupserver-string) *(string)*] \[[Description](#description-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[[ForwardFirstPwdToAD](#forwardfirstpwdtoad-string) *(bool)*] \[-[HAMode](#HAMode) {Parallel | Serial}] \[-[PasswordEncoding](#PasswordEncoding) {PAP | CHAP}] \[-[RadiusType](#RadiusType) {Radius | AzureRadius | DuoRadius | FortiRadius | TekRadius}] \[[UserMessagePrompt](#usermessageprompt-string) *(string)*] \[[UsernameOnly](#usernameonly-string) *(bool)*] \[*(*[*CommonParameters*](#CommonParameters)*)*] **New-RASMFA** \[[Name](#name-string)] *(string)* \[\[-[SiteId](#siteid-string)] *(uint)*] -[OTPServiceURL](#otpserviceurl-string) *(string)* -[Safenet](#safenet-string) *(SwitchParameter)* \[[Description](#description-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[-[SafenetAuthMode](#SafenetAuthMode) {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] \[[TMSWebApiURL](#tmswebapiurl-string) *(string)*] \[[UserRepository](#userrepository-string) *(string)*] \[*(*[*CommonParameters*](#CommonParameters)*)*] **New-RASMFA** \[[Name](#name-string)] *(string)* \[\[-[SiteId](#siteid-string)] *(uint)*] -[DisplayName](#displayname-string) *(string)* -[TOTP](#totp-string) *(SwitchParameter)* \[[Description](#description-string) *(string)*] \[[Enabled](#enabled-string) *(bool)*] \[-[ShowInformationForUnenrolledUsers](#ShowInformationForUnenrolledUsers) {Always | IfEnrollmentIsAllowed | Never}] \[[Tolerance](#tolerance-string) *(uint)*] \[-[TOTPType](#TOTPType) {GAuthTOTP | TOTP | MicrosoftTOTP}] \[[UntilDateTime](#untildatetime-string) *(DateTime)*] \[-[UserEnrollment](#UserEnrollment) {Allow | AllowUntil | DoNotAllow}] \[[UserMessagePrompt](#usermessageprompt-string) *(string)*] \[*(*[*CommonParameters*](#CommonParameters)*)*] ## DESCRIPTION Creates a new Multi Factor Authentication. ## PARAMETERS ## Name (string) The name of the target Multi Factor Authentication. This must be the actual Multi Factor Authentication name used in the RAS farm. ``` Required? true Position? 0 Default value Accept pipeline input? false Accept wildcard characters? false ``` ## SiteId (uint) Site ID in which to modify the specified Multi Factor Authentication. If the parameter is omitted, the site ID of the Licensing Server will be used. ``` Required? false Position? 1 Default value 0 Accept pipeline input? false Accept wildcard characters? false ``` ## Description (string) A user-defined Multi Factor Authentication description. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Enabled (bool) Enable or disable the Multi Factor Authentication upon creation. If the parameter is omitted, the Multi Factor Authentication is initialised as Disabled. ``` Required? false Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## Deepnet (SwitchParameter) ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## ActivateEmail (bool) Whether the activation email is enabled or disabled. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## ActivateSMS (bool) Whether the activation SMS is enabled or disabled. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## App (string) A value that represents the application name. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## AppID (string) A value that represents the application ID. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## AuthMode ([DeepnetAuthMode](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/deepnetauthmode.md)) Authentication mode which defines the type of user for which a token will be created. Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithDeepnetAcc ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DeepnetAgent (string) A value that represents the name of Deepnet Agent. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DefaultDomain (string) A value that represents the Default Domain. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## SSL (bool) Whether SSL is allowed or not. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DeepnetServer (string) The server of the second level authentication provider. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DeepnetPort (uint) The port number of the second level authentication provider. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## TokenType ([TokenType](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/tokentype.md)) Token Type (Mobile ID or Quick ID). Possible values: MobileID, QuickID ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Radius (SwitchParameter) Radius SwitchParameter ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## RadiusType ([RadiusType](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/radiustype.md)) RADIUS Type Possible values: Radius, AzureRadius, DuoRadius, FortiRadius, TekRadius ``` Required? false Position? named Default value Radius Accept pipeline input? false Accept wildcard characters? false ``` ## RadiusServer (string) The server of the second level authentication provider. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## RadiusPort (uint) The port number of the second level authentication provider. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## PasswordEncoding ([PasswordEncoding](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/passwordencoding.md)) The type of password encoding to be used. Possible values: PAP, CHAP ``` Required? false Position? named Default value PAP Accept pipeline input? false Accept wildcard characters? false ``` ## Retries (uint) Number of retries. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Timeout (uint) Connection timeout (in seconds). ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## DisplayName (string) RADIUS type name. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## UsernameOnly (bool) Specifies if forwarding of only the Username to RADIUS Server is enabled or not. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## ForwardFirstPwdToAD (bool) Specifies if forwarding of first password to Windows authentication provider is enabled or not. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## BackupServer (string) The backup server of the second level authentication provider. ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## HAMode ([HAMode](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/hamode.md)) The type of high availability mode to be used. Possible values: Parallel, Serial ``` Required? false Position? named Default value Parallel Accept pipeline input? false Accept wildcard characters? false ``` ## SecretKey (SecureString) RADIUS setting. The secret key. ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Safenet (SwitchParameter) Safenet SwitchParameter ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## SafenetAuthMode ([SafeNetAuthMode](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/safenetauthmode.md)) SafeNet Authentication Mode Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithSafeNetAcc ``` Required? false Position? named Default value MandatoryForAllUsers Accept pipeline input? false Accept wildcard characters? false ``` ## OTPServiceURL (string) OTP Service URL ``` Required? true Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## UserRepository (string) A value representing User Store ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## TMSWebApiURL (string) The URL of the web service ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## TOTP (SwitchParameter) TOTP SwitchParameter ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## TOTPType ([TOTPType](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/totptype.md)) TOTP Type Possible values: GAuthTOTP, TOTP, MicrosoftTOTP ``` Required? false Position? named Default value GAuthTOTP Accept pipeline input? false Accept wildcard characters? false ``` ## UserEnrollment ([UserEnrollment](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/userenrollment.md)) Use of Enrollment Possible values: Allow, AllowUntil, DoNotAllow ``` Required? false Position? named Default value Allow Accept pipeline input? false Accept wildcard characters? false ``` ## ShowInformationForUnenrolledUsers ([ShowInformationForUnenrolledUsers](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/showinformationforunenrolledusers.md)) Show information for unenrolled users Possible values: Always, IfEnrollmentIsAllowed, Never ``` Required? false Position? named Default value IfEnrollmentIsAllowed Accept pipeline input? false Accept wildcard characters? false ``` ## UntilDateTime (DateTime) Allow User Enrollment until date/time ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## Tolerance (uint) TOTP tolerance in seconds. Accepted values are 0 (None), 30, 60, 90 and 120 ``` Required? false Position? named Default value 0 Accept pipeline input? false Accept wildcard characters? false ``` ## EmailOTP (SwitchParameter) Email OTP SwitchParameter ``` Required? true Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## OTPLifespanSec (uint) The lifespan of the OTP (seconds) ``` Required? false Position? named Default value 60 Accept pipeline input? false Accept wildcard characters? false ``` ## ExternalEmailStorage ([ExternalEmailStorage](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/externalemailstorage.md)) The storage where the external email is stored Possible values: RASDatabase, ADMail, ADCustom ``` Required? false Position? named Default value RASDatabase Accept pipeline input? false Accept wildcard characters? false ``` ## EmailContent (string) The content of the email. Possible variables: %OTP%, %DURATION% ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## EmailSubject (string) The subject of the email. Possible variables: %OTP% ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## UserMessagePrompt (string) User message prompt ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## ADCustomAttribute (string) AD Custom Attribute ``` Required? false Position? named Default value Accept pipeline input? false Accept wildcard characters? false ``` ## AllowEnrollExternalEmail (bool) Allow enrollment of external email ``` Required? false Position? named Default value False Accept pipeline input? false Accept wildcard characters? false ``` ## OTPLength (uint) The length of the OTP generated ``` Required? false Position? named Default value 6 Accept pipeline input? false Accept wildcard characters? false ``` (CommonParameters) ``` This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see about_CommonParameters documentation. ``` ## INPUTS -none- ## OUTPUTS [MFADeepnet](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/mfadeepnet.md) [MFAEmailOTP](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/mfaemailotp.md) [MFARadius](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/mfaradius.md) [MFASafenet](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/mfasafenet.md) [MFATOTP](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/types/mfatotp.md) ## EXAMPLES \*\*---------- EXAMPLE 1 ---------- New-RASMFA "MFA" Creates a new Multi Factor Authentication with the specified name. ## RELATED LINKS * [Get-RASMFA](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/commands/get-rasmfa.md) * [Remove-RASMFA](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/commands/remove-rasmfa.md) * [Invoke-RASMFA](/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/commands/invoke-rasmfa.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.parallels.com/landing/ras-powershell-api-guide/v20/parallels-ras-powershell-admin-module/commands/new-rasmfa.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.