New-RASMFA.md

NAME

New-RASMFA

SYNOPSIS

Creates a new Multi Factor Authentication.

SYNTAX

New-RASMFA [Name] (string) [[-SiteId] (uint)] -Deepnet (SwitchParameter) -DeepnetAgent (string) -DeepnetPort (uint) -DeepnetServer (string) [ActivateEmail (bool)] [ActivateSMS (bool)] [App (string)] [AppID (string)] [-AuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] [DefaultDomain (string)] [Description (string)] [Enabled (bool)] [SSL (bool)] [-TokenType {MobileID | QuickID}] [(CommonParameters)]

New-RASMFA [Name] (string) [[-SiteId] (uint)] -DisplayName (string) -EmailOTP (SwitchParameter) [ADCustomAttribute (string)] [AllowEnrollExternalEmail (bool)] [Description (string)] [EmailContent (string)] [EmailSubject (string)] [Enabled (bool)] [-ExternalEmailStorage {RASDatabase | ADMail | ADCustom}] [OTPLength (uint)] [OTPLifespanSec (uint)] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [UntilDateTime (DateTime)] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [UserMessagePrompt (string)] [(CommonParameters)]

New-RASMFA [Name] (string) [[-SiteId] (uint)] -DisplayName (string) -Radius (SwitchParameter) -RadiusPort (uint) -RadiusServer (string) -Retries (uint) -SecretKey (SecureString) -Timeout (uint) [BackupServer (string)] [Description (string)] [Enabled (bool)] [ForwardFirstPwdToAD (bool)] [-HAMode {Parallel | Serial}] [-PasswordEncoding {PAP | CHAP}] [-RadiusType {Radius | AzureRadius | DuoRadius | FortiRadius | TekRadius}] [UserMessagePrompt (string)] [UsernameOnly (bool)] [(CommonParameters)]

New-RASMFA [Name] (string) [[-SiteId] (uint)] -OTPServiceURL (string) -Safenet (SwitchParameter) [Description (string)] [Enabled (bool)] [-SafenetAuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] [TMSWebApiURL (string)] [UserRepository (string)] [(CommonParameters)]

New-RASMFA [Name] (string) [[-SiteId] (uint)] -DisplayName (string) -TOTP (SwitchParameter) [Description (string)] [Enabled (bool)] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [Tolerance (uint)] [-TOTPType {GAuthTOTP | TOTP | MicrosoftTOTP}] [UntilDateTime (DateTime)] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [UserMessagePrompt (string)] [(CommonParameters)]

DESCRIPTION

Creates a new Multi Factor Authentication.

PARAMETERS

Name (string)

The name of the target Multi Factor Authentication.

This must be the actual Multi Factor Authentication name used in the RAS farm.

SiteId (uint)

Site ID in which to modify the specified Multi Factor Authentication.

If the parameter is omitted, the site ID of the Licensing Server will be used.

Description (string)

A user-defined Multi Factor Authentication description.

Enabled (bool)

Enable or disable the Multi Factor Authentication upon creation.

If the parameter is omitted, the Multi Factor Authentication is initialised as Disabled.

Deepnet (SwitchParameter)

ActivateEmail (bool)

Whether the activation email is enabled or disabled.

ActivateSMS (bool)

Whether the activation SMS is enabled or disabled.

App (string)

A value that represents the application name.

AppID (string)

A value that represents the application ID.

AuthMode (DeepnetAuthMode)

Authentication mode which defines the type of user for which a token will be created.

Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithDeepnetAcc

DeepnetAgent (string)

A value that represents the name of Deepnet Agent.

DefaultDomain (string)

A value that represents the Default Domain.

SSL (bool)

Whether SSL is allowed or not.

DeepnetServer (string)

The server of the second level authentication provider.

DeepnetPort (uint)

The port number of the second level authentication provider.

TokenType (TokenType)

Token Type (Mobile ID or Quick ID).

Possible values: MobileID, QuickID

Radius (SwitchParameter)

Radius SwitchParameter

RadiusType (RadiusType)

RADIUS Type

Possible values: Radius, AzureRadius, DuoRadius, FortiRadius, TekRadius

RadiusServer (string)

The server of the second level authentication provider.

RadiusPort (uint)

The port number of the second level authentication provider.

PasswordEncoding

(PasswordEncoding) The type of password encoding to be used.

Possible values: PAP, CHAP

Retries (uint)

Number of retries.

Timeout (uint)

Connection timeout (in seconds).

DisplayName (string)

RADIUS type name.

UsernameOnly (bool)

Specifies if forwarding of only the Username to RADIUS Server is enabled or not.

ForwardFirstPwdToAD (bool)

Specifies if forwarding of first password to Windows authentication provider is enabled or not.

BackupServer (string)

The backup server of the second level authentication provider.

HAMode (HAMode)

The type of high availability mode to be used.

Possible values: Parallel, Serial

SecretKey (SecureString)

RADIUS setting. The secret key.

Safenet (SwitchParameter)

Safenet SwitchParameter

SafenetAuthMode

(SafeNetAuthMode) SafeNet Authentication Mode

Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithSafeNetAcc

OTPServiceURL (string)

OTP Service URL

UserRepository (string)

A value representing User Store

TMSWebApiURL (string)

The URL of the web service

TOTP (SwitchParameter)

TOTP SwitchParameter

TOTPType (TOTPType)

TOTP Type

Possible values: GAuthTOTP, TOTP, MicrosoftTOTP

UserEnrollment (UserEnrollment)

Use of Enrollment

Possible values: Allow, AllowUntil, DoNotAllow

ShowInformationForUnenrolledUsers

(ShowInformationForUnenrolledUsers) Show information for unenrolled users

Possible values: Always, IfEnrollmentIsAllowed, Never

UntilDateTime (DateTime)

Allow User Enrollment until date/time

Tolerance (uint)

TOTP tolerance in seconds. Accepted values are 0 (None), 30, 60, 90 and 120

EmailOTP (SwitchParameter)

Email OTP SwitchParameter

OTPLifespanSec (uint)

The lifespan of the OTP (seconds)

ExternalEmailStorage

(ExternalEmailStorage) The storage where the external email is stored

Possible values: RASDatabase, ADMail, ADCustom

EmailContent (string)

The content of the email. Possible variables: %OTP%, %DURATION%

EmailSubject (string)

The subject of the email. Possible variables: %OTP%

UserMessagePrompt (string)

User message prompt

ADCustomAttribute (string)

AD Custom Attribute

AllowEnrollExternalEmail (bool)

Allow enrollment of external email

OTPLength (uint)

The length of the OTP generated

(CommonParameters)

INPUTS

-none-

OUTPUTS

MFADeepnet

MFAEmailOTP

MFARadius

MFASafenet

MFATOTP

EXAMPLES

**---------- EXAMPLE 1 ----------

New-RASMFA "MFA"

Creates a new Multi Factor Authentication with the specified name.

RELATED LINKS

• Get-RASMFA

• Remove-RASMFA

• Invoke-RASMFA