New-RASMFA
NAME
New-RASMFA
SYNOPSIS
Creates a new Multi Factor Authentication.
SYNTAX
New-RASMFA [-Name] <string> [[-SiteId] <uint>] -Deepnet <SwitchParameter> -DeepnetAgent <string> -DeepnetPort <uint> -DeepnetServer <string> [-ActivateEmail <bool>] [-ActivateSMS <bool>] [-App <string>] [-AppID <string>] [-AuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] [-DefaultDomain <string>] [-Description <string>] [-Enabled <bool>] [-SSL <bool>] [-TokenType {MobileID | QuickID}] [<CommonParameters>]
New-RASMFA [-Name] <string> [[-SiteId] <uint>] -DisplayName <string> -EmailOTP <SwitchParameter> [-ADCustomAttribute <string>] [-AllowEnrollExternalEmail <bool>] [-Description <string>] [-EmailContent <string>] [-EmailSubject <string>] [-Enabled <bool>] [-ExternalEmailStorage {RASDatabase | ADMail | ADCustom}] [-OTPLength <uint>] [-OTPLifespanSec <uint>] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [-UntilDateTime <DateTime>] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [-UserMessagePrompt <string>] [<CommonParameters>]
New-RASMFA [-Name] <string> [[-SiteId] <uint>] -DisplayName <string> -Radius <SwitchParameter> -RadiusPort <uint> -RadiusServer <string> -Retries <uint> -SecretKey <SecureString> -Timeout <uint> [-BackupServer <string>] [-Description <string>] [-Enabled <bool>] [-ForwardFirstPwdToAD <bool>] [-HAMode {Parallel | Serial}] [-PasswordEncoding {PAP | CHAP}] [-RadiusType {Radius | AzureRadius | DuoRadius | FortiRadius | TekRadius}] [-UserMessagePrompt <string>] [-UsernameOnly <bool>] [<CommonParameters>]
New-RASMFA [-Name] <string> [[-SiteId] <uint>] -OTPServiceURL <string> -Safenet <SwitchParameter> [-Description <string>] [-Enabled <bool>] [-SafenetAuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] [-TMSWebApiURL <string>] [-UserRepository <string>] [<CommonParameters>]
New-RASMFA [-Name] <string> [[-SiteId] <uint>] -DisplayName <string> -TOTP <SwitchParameter> [-Description <string>] [-Enabled <bool>] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [-Tolerance <uint>] [-TOTPType {GAuthTOTP | TOTP | MicrosoftTOTP}] [-UntilDateTime <DateTime>] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [-UserMessagePrompt <string>] [<CommonParameters>]
DESCRIPTION
Creates a new Multi Factor Authentication.
PARAMETERS
-Name <string> The name of the target Multi Factor Authentication.
This must be the actual Multi Factor Authentication name used in the RAS farm.
Required? true
Position? 0
Default value
Accept pipeline input? false
Accept wildcard characters? false-SiteId <uint> Site ID in which to modify the specified Multi Factor Authentication.
If the parameter is omitted, the site ID of the Licensing Server will be used.
Required? false
Position? 1
Default value 0
Accept pipeline input? false
Accept wildcard characters? false-Description <string> A user-defined Multi Factor Authentication description.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-Enabled <bool> Enable or disable the Multi Factor Authentication upon creation.
If the parameter is omitted, the Multi Factor Authentication is initialised as Disabled.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false-Deepnet <SwitchParameter>
Required? true
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false-ActivateEmail <bool> Whether the activation email is enabled or disabled.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-ActivateSMS <bool> Whether the activation SMS is enabled or disabled.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-App <string> A value that represents the application name.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-AppID <string> A value that represents the application ID.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-AuthMode <DeepnetAuthMode> Authentication mode which defines the type of user for which a token will be created.
Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithDeepnetAcc
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-DeepnetAgent <string> A value that represents the name of Deepnet Agent.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-DefaultDomain <string> A value that represents the Default Domain.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-SSL <bool> Whether SSL is allowed or not.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-DeepnetServer <string> The server of the second level authentication provider.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-DeepnetPort <uint> The port number of the second level authentication provider.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-TokenType <TokenType> Token Type (Mobile ID or Quick ID).
Possible values: MobileID, QuickID
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-Radius <SwitchParameter> Radius SwitchParameter
Required? true
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false-RadiusType <RadiusType> RADIUS Type
Possible values: Radius, AzureRadius, DuoRadius, FortiRadius, TekRadius
Required? false
Position? named
Default value Radius
Accept pipeline input? false
Accept wildcard characters? false-RadiusServer <string> The server of the second level authentication provider.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-RadiusPort <uint> The port number of the second level authentication provider.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-PasswordEncoding <PasswordEncoding> The type of password encoding to be used.
Possible values: PAP, CHAP
Required? false
Position? named
Default value PAP
Accept pipeline input? false
Accept wildcard characters? false-Retries <uint> Number of retries.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-Timeout <uint> Connection timeout (in seconds).
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-DisplayName <string> RADIUS type name.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-UsernameOnly <bool> Specifies if forwarding of only the Username to RADIUS Server is enabled or not.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-ForwardFirstPwdToAD <bool> Specifies if forwarding of first password to Windows authentication provider is enabled or not.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-BackupServer <string> The backup server of the second level authentication provider.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-HAMode <HAMode> The type of high availability mode to be used.
Possible values: Parallel, Serial
Required? false
Position? named
Default value Parallel
Accept pipeline input? false
Accept wildcard characters? false-SecretKey <SecureString> RADIUS setting. The secret key.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-Safenet <SwitchParameter> Safenet SwitchParameter
Required? true
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false-SafenetAuthMode <SafeNetAuthMode> SafeNet Authentication Mode
Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithSafeNetAcc
Required? false
Position? named
Default value MandatoryForAllUsers
Accept pipeline input? false
Accept wildcard characters? false-OTPServiceURL <string> OTP Service URL
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-UserRepository <string> A value representing User Store
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-TMSWebApiURL <string> The URL of the web service
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-TOTP <SwitchParameter> TOTP SwitchParameter
Required? true
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false-TOTPType <TOTPType> TOTP Type
Possible values: GAuthTOTP, TOTP, MicrosoftTOTP
Required? false
Position? named
Default value GAuthTOTP
Accept pipeline input? false
Accept wildcard characters? false-UserEnrollment <UserEnrollment> Use of Enrollment
Possible values: Allow, AllowUntil, DoNotAllow
Required? false
Position? named
Default value Allow
Accept pipeline input? false
Accept wildcard characters? false-ShowInformationForUnenrolledUsers <ShowInformationForUnenrolledUsers> Show information for unenrolled users
Possible values: Always, IfEnrollmentIsAllowed, Never
Required? false
Position? named
Default value IfEnrollmentIsAllowed
Accept pipeline input? false
Accept wildcard characters? false-UntilDateTime <DateTime> Allow User Enrollment until date/time
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-Tolerance <uint> TOTP tolerance in seconds. Accepted values are 0 (None), 30, 60, 90 and 120
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false-EmailOTP <SwitchParameter> Email OTP SwitchParameter
Required? true
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false-OTPLifespanSec <uint> The lifespan of the OTP (seconds)
Required? false
Position? named
Default value 60
Accept pipeline input? false
Accept wildcard characters? false-ExternalEmailStorage <ExternalEmailStorage> The storage where the external email is stored
Possible values: RASDatabase, ADMail, ADCustom
Required? false
Position? named
Default value RASDatabase
Accept pipeline input? false
Accept wildcard characters? false-EmailContent <string> The content of the email. Possible variables: %OTP%, %DURATION%
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-EmailSubject <string> The subject of the email. Possible variables: %OTP%
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-UserMessagePrompt <string> User message prompt
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-ADCustomAttribute <string> AD Custom Attribute
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false-AllowEnrollExternalEmail <bool> Allow enrollment of external email
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false-OTPLength <uint> The length of the OTP generated
Required? false
Position? named
Default value 6
Accept pipeline input? false
Accept wildcard characters? false<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters documentation. INPUTS
-none-
OUTPUTS
EXAMPLES
---------- EXAMPLE 1 ----------
New-RASMFA "MFA"
Creates a new Multi Factor Authentication with the specified name.
RELATED LINKS
Last updated