Set-RASMFA
NAME
Set-RASMFA
SYNOPSIS
Modifies a multi-factor authentication.
SYNTAX
Set-RASMFA [-Id] <uint> -Deepnet <SwitchParameter> [-ActivateEmail <bool>] [-ActivateSMS <bool>] [-App <string>] [-AppID <string>] [-AuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] [-DeepnetAgent <string>] [-DeepnetPort <uint>] [-DeepnetServer <string>] [-DefaultDomain <string>] [-Description <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-SSL <bool>] [-TokenType {MobileID | QuickID}] [<CommonParameters>]
Set-RASMFA [-Id] <uint> -EmailOTP <SwitchParameter> [-ADCustomAttribute <string>] [-AllowEnrollExternalEmail <bool>] [-DefaultEmailContent <SwitchParameter>] [-DefaultEmailSubject <SwitchParameter>] [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-EmailContent <string>] [-EmailSubject <string>] [-Enabled <bool>] [-ExternalEmailStorage {RASDatabase | ADMail | ADCustom}] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-OTPLength <uint>] [-OTPLifespanSec <uint>] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [-UntilDateTime <DateTime>] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [-UserMessagePrompt <string>] [<CommonParameters>]
Set-RASMFA [-Id] <uint> -Radius <SwitchParameter> [-BackupServer <string>] [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-Enabled <bool>] [-ForwardFirstPwdToAD <bool>] [-HAMode {Parallel | Serial}] [-IgnoreErrors <string[]>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-PasswordEncoding {PAP | CHAP}] [-RadiusPort <uint>] [-RadiusServer <string>] [-Retries <uint>] [-SecretKey <SecureString>] [-Timeout <uint>] [-UserMessagePrompt <string>] [-UsernameOnly <bool>] [<CommonParameters>]
Set-RASMFA [-Id] <uint> -Safenet <SwitchParameter> [-Description <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-OTPServiceURL <string>] [-SafenetAuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] [-TMSWebApiURL <string>] [-UserRepository <string>] [<CommonParameters>]
Set-RASMFA [-Id] <uint> -TOTP <SwitchParameter> [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [-Tolerance <uint>] [-UntilDateTime <DateTime>] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [-UserMessagePrompt <string>] [<CommonParameters>]
Set-RASMFA [-InputObject] <MFA> [-ActivateEmail <bool>] [-ActivateSMS <bool>] [-App <string>] [-AppID <string>] [-AuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] [-Deepnet <SwitchParameter>] [-DeepnetAgent <string>] [-DeepnetPort <uint>] [-DeepnetServer <string>] [-DefaultDomain <string>] [-Description <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-SSL <bool>] [-TokenType {MobileID | QuickID}] [<CommonParameters>]
Set-RASMFA [-InputObject] <MFA> [-ADCustomAttribute <string>] [-AllowEnrollExternalEmail <bool>] [-DefaultEmailContent <SwitchParameter>] [-DefaultEmailSubject <SwitchParameter>] [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-EmailContent <string>] [-EmailOTP <SwitchParameter>] [-EmailSubject <string>] [-Enabled <bool>] [-ExternalEmailStorage {RASDatabase | ADMail | ADCustom}] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-OTPLength <uint>] [-OTPLifespanSec <uint>] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [-UntilDateTime <DateTime>] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [-UserMessagePrompt <string>] [<CommonParameters>]
Set-RASMFA [-InputObject] <MFA> [-BackupServer <string>] [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-Enabled <bool>] [-HAMode {Parallel | Serial}] [-IgnoreErrors <string[]>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-PasswordEncoding {PAP | CHAP}] [-Radius <SwitchParameter>] [-RadiusPort <uint>] [-RadiusServer <string>] [-Retries <uint>] [-SecretKey <SecureString>] [-Timeout <uint>] [-UserMessagePrompt <string>] [-UsernameOnly <bool>] [<CommonParameters>]
Set-RASMFA [-InputObject] <MFA> [-Description <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-OTPServiceURL <string>] [-Safenet <SwitchParameter>] [-SafenetAuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] [-TMSWebApiURL <string>] [-UserRepository <string>] [<CommonParameters>]
Set-RASMFA [-InputObject] <MFA> [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [-Tolerance <uint>] [-TOTP <SwitchParameter>] [-UntilDateTime <DateTime>] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [-UserMessagePrompt <string>] [<CommonParameters>]
Set-RASMFA [-Name] <string> [[-SiteId] <uint>] -Deepnet <SwitchParameter> [-ActivateEmail <bool>] [-ActivateSMS <bool>] [-App <string>] [-AppID <string>] [-AuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] [-DeepnetAgent <string>] [-DeepnetPort <uint>] [-DeepnetServer <string>] [-DefaultDomain <string>] [-Description <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-SSL <bool>] [-TokenType {MobileID | QuickID}] [<CommonParameters>]
Set-RASMFA -EmailOTP <SwitchParameter> [-ADCustomAttribute <string>] [-AllowEnrollExternalEmail <bool>] [-DefaultEmailContent <SwitchParameter>] [-DefaultEmailSubject <SwitchParameter>] [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-EmailContent <string>] [-EmailSubject <string>] [-Enabled <bool>] [-ExternalEmailStorage {RASDatabase | ADMail | ADCustom}] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-OTPLength <uint>] [-OTPLifespanSec <uint>] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [-UntilDateTime <DateTime>] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [-UserMessagePrompt <string>] [<CommonParameters>]
Set-RASMFA [-Name] <string> [[-SiteId] <uint>] -Radius <SwitchParameter> [-BackupServer <string>] [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-Enabled <bool>] [-ForwardFirstPwdToAD <bool>] [-HAMode {Parallel | Serial}] [-IgnoreErrors <string[]>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-PasswordEncoding {PAP | CHAP}] [-RadiusPort <uint>] [-RadiusServer <string>] [-Retries <uint>] [-SecretKey <SecureString>] [-Timeout <uint>] [-UserMessagePrompt <string>] [-UsernameOnly <bool>] [<CommonParameters>]
Set-RASMFA [-Name] <string> [[-SiteId] <uint>] -Safenet <SwitchParameter> [-Description <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-OTPServiceURL <string>] [-SafenetAuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] [-TMSWebApiURL <string>] [-UserRepository <string>] [<CommonParameters>]
Set-RASMFA [-Name] <string> [[-SiteId] <uint>] -TOTP <SwitchParameter> [-DefaultUserMessagePrompt <SwitchParameter>] [-Description <string>] [-DisplayName <string>] [-Enabled <bool>] [-InheritDefaultCriteriaSettings <bool>] [-NewName <string>] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [-Tolerance <uint>] [-UntilDateTime <DateTime>] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [-UserMessagePrompt <string>] [<CommonParameters>]
DESCRIPTION
Modifies properties of a multi-factor authentication.
PARAMETERS
-Name <string> The name of the target multi-factor authentication .
This must be the actual multi-factor authentication name used in the RAS farm.
-SiteId <uint> Site ID in which to modify the specified multi-factor authentication .
If the parameter is omitted, the site ID of the Licensing Server will be used.
-Id <uint> The ID of the multi-factor authentication to modify. To obtain the ID, use the Get-RASMFA cmdlet.
-InputObject <MFA> The multi factor authentication to modify.
To obtain an object of type MFA, use the Get-RASMFA cmdlet.
-NewName <string> The new name of the target multi-factor authentication .
-Description <string> A user-defined multi-factor authentication description.
-Enabled <bool> Enable or disable the specified multi-factor authentication in a site.
-InheritDefaultCriteriaSettings <bool> If true default criteria settings will be inherited.
-Deepnet <SwitchParameter> Deepnet SwitchParameter.
-ActivateEmail <bool> Whether the activation email is enabled or disabled.
-ActivateSMS <bool> Whether the activation SMS is enabled or disabled.
-App <string> A value that represents the application name.
-AppID <string> A value that represents the application ID.
-AuthMode <DeepnetAuthMode> Authentication mode which defines the type of user for which a token will be created.
Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithDeepnetAcc
-DeepnetAgent <string> A value that represents the name of Deepnet Agent.
-DefaultDomain <string> A value that represents the Default Domain.
-SSL <bool> Whether SSL is allowed or not.
-DeepnetServer <string> The server of the second level authentication provider.
-DeepnetPort <uint> The port number of the second level authentication provider.
-TokenType <TokenType> Token Type (Flash ID, Mobile ID, Grid ID, or Quick ID).
Possible values: MobileID, QuickID
-Radius <SwitchParameter> Radius SwitchParameter
-RadiusServer <string> The server of the second level authentication provider.
-RadiusPort <uint> The port number of the second level authentication provider.
-PasswordEncoding <PasswordEncoding> The type of password encoding to be used.
Possible values: PAP, CHAP
-Retries <uint> Number of retries.
-Timeout <uint> Connection timeout (in seconds).
-DisplayName <string> RADIUS type name.
-UsernameOnly <bool> Specifies if forwarding of only the Username to RADIUS Server is enabled or not.
-ForwardFirstPwdToAD <bool> Specifies if forwarding of first password to Windows authentication provider is enabled or not.
-BackupServer <string> The backup server of the second level authentication provider.
-HAMode <HAMode> The type of high availability mode to be used.
Possible values: Parallel, Serial
-SecretKey <SecureString> RADIUS setting. The secret key.
-IgnoreErrors <string[]> Specifies the list of Ignored Errors.
This is a DuoRadius only setting.
-Safenet <SwitchParameter> Safenet SwitchParameter
-SafenetAuthMode <SafeNetAuthMode> SafeNet Authentication Mode
Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithSafeNetAcc
-OTPServiceURL <string> OTP Service URL
-UserRepository <string> A value representing User Store
-TMSWebApiURL <string> The URL of the web service
-TOTP <SwitchParameter> TOTP SwitchParameter
-UserEnrollment <UserEnrollment> Use of Enrollment
Possible values: Allow, AllowUntil, DoNotAllow
-ShowInformationForUnenrolledUsers <ShowInformationForUnenrolledUsers> Show information for unenrolled users
Possible values: Always, IfEnrollmentIsAllowed, Never
-UntilDateTime <DateTime> Allow User Enrollment until date/time
-Tolerance <uint> TOTP tolerance in seconds. Accepted values are 0 (None), 30, 60, 90 and 120
-EmailOTP <SwitchParameter> Email OTP SwitchParameter
-OTPLifespanSec <uint> The lifespan of the OTP (seconds)
-ExternalEmailStorage <ExternalEmailStorage> The storage where the external email is stored
Possible values: RASDatabase, ADMail, ADCustom
-DefaultEmailContent <SwitchParameter> If this parameter is included, the email body content will be replaced with the default body content.
-EmailContent <string> The content of the email. Possible variables: %OTP%, %DURATION%
-DefaultEmailSubject <SwitchParameter> If this parameter is included, the email subject will be replaced with the default subject.
-EmailSubject <string> The subject of the email. Possible variables: %OTP%
-DefaultUserMessagePrompt <SwitchParameter> If this parameter is included, the message prompt will be replaced with the default message prompt.
-UserMessagePrompt <string> User message prompt
-ADCustomAttribute <string> AD Custom Attribute
-AllowEnrollExternalEmail <bool> Allow enrollment of external email
-OTPLength <uint> The length of the OTP generated
<CommonParameters>
INPUTS
OUTPUTS
-none-
EXAMPLES
---------- EXAMPLE 1 ----------
Set-RASMFA "MFA" -Deepnet -Enabled $False
Disables the multi-factor authentication specified by name and by type. ---------- EXAMPLE 2 ----------
Set-RASMFA -Id 10 -Enabled $False
Disables the multi-factor authentication specified by ID.
RELATED LINKS
Last updated