Set-RASMFA.md

NAME

Set-RASMFA

SYNOPSIS

Modifies a multi-factor authentication.

SYNTAX

Set-RASMFA [Id] (uint) -Deepnet (SwitchParameter) [ActivateEmail (bool)] [ActivateSMS (bool)] [App (string)] [AppID (string)] [-AuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] [DeepnetAgent (string)] [DeepnetPort (uint)] [DeepnetServer (string)] [DefaultDomain (string)] [Description (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [SSL (bool)] [-TokenType {MobileID | QuickID}] [(CommonParameters)]

Set-RASMFA [Id] (uint) -EmailOTP (SwitchParameter) [ADCustomAttribute (string)] [AllowEnrollExternalEmail (bool)] [DefaultEmailContent (SwitchParameter)] [DefaultEmailSubject (SwitchParameter)] [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [EmailContent (string)] [EmailSubject (string)] [Enabled (bool)] [-ExternalEmailStorage {RASDatabase | ADMail | ADCustom}] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [OTPLength (uint)] [OTPLifespanSec (uint)] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [UntilDateTime (DateTime)] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [UserMessagePrompt (string)] [(CommonParameters)]

Set-RASMFA [Id] (uint) -Radius (SwitchParameter) [BackupServer (string)] [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [Enabled (bool)] [ForwardFirstPwdToAD (bool)] [-HAMode {Parallel | Serial}] [-IgnoreErrors (string[])] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [-PasswordEncoding {PAP | CHAP}] [RadiusPort (uint)] [RadiusServer (string)] [Retries (uint)] [SecretKey (SecureString)] [Timeout (uint)] [UserMessagePrompt (string)] [UsernameOnly (bool)] [(CommonParameters)]

Set-RASMFA [Id] (uint) -Safenet (SwitchParameter) [Description (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [OTPServiceURL (string)] [-SafenetAuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] [TMSWebApiURL (string)] [UserRepository (string)] [(CommonParameters)]

Set-RASMFA [Id] (uint) -TOTP (SwitchParameter) [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [Tolerance (uint)] [UntilDateTime (DateTime)] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [UserMessagePrompt (string)] [(CommonParameters)]

Set-RASMFA [-InputObject] (MFA) [ActivateEmail (bool)] [ActivateSMS (bool)] [App (string)] [AppID (string)] [-AuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] [Deepnet (SwitchParameter)] [DeepnetAgent (string)] [DeepnetPort (uint)] [DeepnetServer (string)] [DefaultDomain (string)] [Description (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [SSL (bool)] [-TokenType {MobileID | QuickID}] [(CommonParameters)]

Set-RASMFA [-InputObject] (MFA) [ADCustomAttribute (string)] [AllowEnrollExternalEmail (bool)] [DefaultEmailContent (SwitchParameter)] [DefaultEmailSubject (SwitchParameter)] [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [EmailContent (string)] [EmailOTP (SwitchParameter)] [EmailSubject (string)] [Enabled (bool)] [-ExternalEmailStorage {RASDatabase | ADMail | ADCustom}] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [OTPLength (uint)] [OTPLifespanSec (uint)] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [UntilDateTime (DateTime)] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [UserMessagePrompt (string)] [(CommonParameters)]

Set-RASMFA [-InputObject] (MFA) [BackupServer (string)] [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [Enabled (bool)] [-HAMode {Parallel | Serial}] [-IgnoreErrors (string[])] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [-PasswordEncoding {PAP | CHAP}] [Radius (SwitchParameter)] [RadiusPort (uint)] [RadiusServer (string)] [Retries (uint)] [SecretKey (SecureString)] [Timeout (uint)] [UserMessagePrompt (string)] [UsernameOnly (bool)] [(CommonParameters)]

Set-RASMFA [-InputObject] (MFA) [Description (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [OTPServiceURL (string)] [Safenet (SwitchParameter)] [-SafenetAuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] [TMSWebApiURL (string)] [UserRepository (string)] [(CommonParameters)]

Set-RASMFA [-InputObject] (MFA) [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [Tolerance (uint)] [TOTP (SwitchParameter)] [UntilDateTime (DateTime)] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [UserMessagePrompt (string)] [(CommonParameters)]

Set-RASMFA [Name] (string) [[-SiteId] (uint)] -Deepnet (SwitchParameter) [ActivateEmail (bool)] [ActivateSMS (bool)] [App (string)] [AppID (string)] [-AuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithDeepnetAcc}] [DeepnetAgent (string)] [DeepnetPort (uint)] [DeepnetServer (string)] [DefaultDomain (string)] [Description (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [SSL (bool)] [-TokenType {MobileID | QuickID}] [(CommonParameters)]

Set-RASMFA -EmailOTP (SwitchParameter) [ADCustomAttribute (string)] [AllowEnrollExternalEmail (bool)] [DefaultEmailContent (SwitchParameter)] [DefaultEmailSubject (SwitchParameter)] [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [EmailContent (string)] [EmailSubject (string)] [Enabled (bool)] [-ExternalEmailStorage {RASDatabase | ADMail | ADCustom}] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [OTPLength (uint)] [OTPLifespanSec (uint)] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [UntilDateTime (DateTime)] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [UserMessagePrompt (string)] [(CommonParameters)]

Set-RASMFA [Name] (string) [[-SiteId] (uint)] -Radius (SwitchParameter) [BackupServer (string)] [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [Enabled (bool)] [ForwardFirstPwdToAD (bool)] [-HAMode {Parallel | Serial}] [-IgnoreErrors (string[])] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [-PasswordEncoding {PAP | CHAP}] [RadiusPort (uint)] [RadiusServer (string)] [Retries (uint)] [SecretKey (SecureString)] [Timeout (uint)] [UserMessagePrompt (string)] [UsernameOnly (bool)] [(CommonParameters)]

Set-RASMFA [Name] (string) [[-SiteId] (uint)] -Safenet (SwitchParameter) [Description (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [OTPServiceURL (string)] [-SafenetAuthMode {MandatoryForAllUsers | CreateTokenForDomainAuthenticatedUsers | UsersWithSafeNetAcc}] [TMSWebApiURL (string)] [UserRepository (string)] [(CommonParameters)]

Set-RASMFA [Name] (string) [[-SiteId] (uint)] -TOTP (SwitchParameter) [DefaultUserMessagePrompt (SwitchParameter)] [Description (string)] [DisplayName (string)] [Enabled (bool)] [InheritDefaultCriteriaSettings (bool)] [NewName (string)] [-ShowInformationForUnenrolledUsers {Always | IfEnrollmentIsAllowed | Never}] [Tolerance (uint)] [UntilDateTime (DateTime)] [-UserEnrollment {Allow | AllowUntil | DoNotAllow}] [UserMessagePrompt (string)] [(CommonParameters)]

DESCRIPTION

Modifies properties of a multi-factor authentication.

PARAMETERS

Name (string)

The name of the target multi-factor authentication .

This must be the actual multi-factor authentication name used in the RAS farm.

SiteId (uint)

Site ID in which to modify the specified multi-factor authentication .

If the parameter is omitted, the site ID of the Licensing Server will be used.

Id (uint)

The ID of the multi-factor authentication to modify. To obtain the ID, use the Get-RASMFA cmdlet.

InputObject (MFA)

The multi factor authentication to modify.

To obtain an object of type MFA, use the Get-RASMFA cmdlet.

NewName (string)

The new name of the target multi-factor authentication .

Description (string)

A user-defined multi-factor authentication description.

Enabled (bool)

Enable or disable the specified multi-factor authentication in a site.

InheritDefaultCriteriaSettings (bool)

If true default criteria settings will be inherited.

Deepnet (SwitchParameter)

Deepnet SwitchParameter.

ActivateEmail (bool)

Whether the activation email is enabled or disabled.

ActivateSMS (bool)

Whether the activation SMS is enabled or disabled.

App (string)

A value that represents the application name.

AppID (string)

A value that represents the application ID.

AuthMode (DeepnetAuthMode)

Authentication mode which defines the type of user for which a token will be created.

Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithDeepnetAcc

DeepnetAgent (string)

A value that represents the name of Deepnet Agent.

DefaultDomain (string)

A value that represents the Default Domain.

SSL (bool)

Whether SSL is allowed or not.

DeepnetServer (string)

The server of the second level authentication provider.

DeepnetPort (uint)

The port number of the second level authentication provider.

TokenType (TokenType)

Token Type (Flash ID, Mobile ID, Grid ID, or Quick ID).

Possible values: MobileID, QuickID

Radius (SwitchParameter)

Radius SwitchParameter

RadiusServer (string)

The server of the second level authentication provider.

RadiusPort (uint)

The port number of the second level authentication provider.

PasswordEncoding

(PasswordEncoding) The type of password encoding to be used.

Possible values: PAP, CHAP

Retries (uint)

Number of retries.

Timeout (uint)

Connection timeout (in seconds).

DisplayName (string)

RADIUS type name.

UsernameOnly (bool)

Specifies if forwarding of only the Username to RADIUS Server is enabled or not.

ForwardFirstPwdToAD (bool)

Specifies if forwarding of first password to Windows authentication provider is enabled or not.

BackupServer (string)

The backup server of the second level authentication provider.

HAMode (HAMode)

The type of high availability mode to be used.

Possible values: Parallel, Serial

SecretKey (SecureString)

RADIUS setting. The secret key.

IgnoreErrors (string[])

Specifies the list of Ignored Errors.

This is a DuoRadius only setting.

Safenet (SwitchParameter)

Safenet SwitchParameter

SafenetAuthMode

(SafeNetAuthMode) SafeNet Authentication Mode

Possible values: MandatoryForAllUsers, CreateTokenForDomainAuthenticatedUsers, UsersWithSafeNetAcc

OTPServiceURL (string)

OTP Service URL

UserRepository (string)

A value representing User Store

TMSWebApiURL (string)

The URL of the web service

TOTP (SwitchParameter)

TOTP SwitchParameter

UserEnrollment (UserEnrollment)

Use of Enrollment

Possible values: Allow, AllowUntil, DoNotAllow

ShowInformationForUnenrolledUsers

(ShowInformationForUnenrolledUsers) Show information for unenrolled users

Possible values: Always, IfEnrollmentIsAllowed, Never

UntilDateTime (DateTime)

Allow User Enrollment until date/time

Tolerance (uint)

TOTP tolerance in seconds. Accepted values are 0 (None), 30, 60, 90 and 120

EmailOTP (SwitchParameter)

Email OTP SwitchParameter

OTPLifespanSec (uint)

The lifespan of the OTP (seconds)

ExternalEmailStorage

(ExternalEmailStorage) The storage where the external email is stored

Possible values: RASDatabase, ADMail, ADCustom

DefaultEmailContent (SwitchParameter)

If this parameter is included, the email body content will be replaced with the default body content.

EmailContent (string)

The content of the email. Possible variables: %OTP%, %DURATION%

DefaultEmailSubject (SwitchParameter)

If this parameter is included, the email subject will be replaced with the default subject.

EmailSubject (string)

The subject of the email. Possible variables: %OTP%

DefaultUserMessagePrompt (SwitchParameter)

If this parameter is included, the message prompt will be replaced with the default message prompt.

UserMessagePrompt (string)

User message prompt

ADCustomAttribute (string)

AD Custom Attribute

AllowEnrollExternalEmail (bool)

Allow enrollment of external email

OTPLength (uint)

The length of the OTP generated

(CommonParameters)

INPUTS

MFA

OUTPUTS

-none-

EXAMPLES

**---------- EXAMPLE 1 ----------

Set-RASMFA "MFA" -Deepnet -Enabled $False

Disables the multi-factor authentication specified by name and by type. **---------- EXAMPLE 2 ----------

Set-RASMFA -Id 10 -Enabled $False

Disables the multi-factor authentication specified by ID.

RELATED LINKS

• New-RASMFA

• Get-RASMFA

• Remove-RASMFA

• Set-RASCriteria