How to configure RADIUS 2nd factor authentication
Problem: Would like to setup RADIUS (token) authentication as a 2nd factor authentication method.
Prerequisite(s):
- RADIUS server IP/port#
- RADIUS server secret key
- Access to Server Management console (8090 console)
Solution(s): It's important to have the 8090 console because if you misconfigure the RADIUS settings you will not be able to login from traditional login page. You will need to go in through 8090 console -> Settings -> webAdmin Dashboard to turn off RADIUS authentication. If you are unfamiliar with the previous description, do NOT continue and contact support for assistance.
Steps how-to enable:
- Go to webAdmin -> Tree Root -> Stoneware
- Expand DefaultLoginPolicy (or equivalent login policy object)
- Right-click on DefaultLoginPolicy and create a new object of type Login Attribute
- Enter name RadiusAttribute
- Enter the following information:
Application type: Authorization
Description: Radius-Password
Name: [RADIUS.password]
- Click Save button
- Click on DefaultLoginPolicy object
- Under Ordered Attributes, click + button to add
- Add in the RadiusAttribute
- Go to the Options panel
- Turn on Radius Authentication checkbox
- Enter the IP address for the Authentication Server
- Enter the Authentication Port
- Enter the IP address for the Accounting Server (Optional)
- Enter the Accounting Port (Optional)
- Enter the shared secret for the RADIUS server
- Click Save button
- Restart relay from 8090 console
- Test login
Steps how-to disable:
- Go to webAdmin -> Tree Root -> Stoneware
- Go back to the DefaultLoginPolicy
- Under the Ordered Attributes box, select the RadiusAttribute and click X to remove it
- Go to the Options panel
- Uncheck the Radius Authentication checkbox
- Click the Save button
- Restart relay from 8090 console
Debugging:
com.stoneware.auth.RADIUSAuthenticator
Keywords: 2-Factor, Two-Factor
Can't find the KB
Unable to find the KB to address your issue ?
Recent Articles
Lenovo Unified Workspace End-of-Life Questions and Answers
Will the shutdown of LUW servers and access to downloads affect my server licensing? No, the shutdown of the customer servers and access to the product and licensing downloads will not affect your server licensing. This license is downloaded and ...
How do I determine my Unified Workspace license expiration date?
The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...
Lenovo Unified Workspace 7.0.2.13 Released
Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...
LanSchool Documentation Guides
LanSchool Classic Teacher Console The LanSchool Teacher Console is the interface teachers will use to manage their classroom and students. It contains all the tools necessary for a teacher to effectively interact with students and create a ...
Lenovo Unified Workspace 7.0.1.41 Released
Highlights of Unified Workspace 7.0.1.41 Before you install: Please view the installation notes here. 7.0.1.41 requires a 7.0 license file. Below is a list of enhancements and fixes for Unified Workspace 7.0.1.41 Updated Log4j Updated Java Updated ...
Related Articles
Two-factor Authentication Options in Unified Workspace
Issue: What Two-factor authentication options are available in Unified Workspace? Solution: We currently have three Two-factor authentication options in Unified Workspace, that are supported across all browsers. Challenge Authentication Image ...
webDav & Additional Authentication Methods.
When deciding to use additional methods for authentication like Radius or additional attributes on the login page, keep in mind that features like webDav / webDrive do not support these optional attributes and can only authenticate using a ...
Desktop Authentication known issues and recommendations
Problem: What are the known issues of using Desktop Authentication feature to automatically log users into the portal? Cause: Desktop Authentication feature uses Windows Integrated Authentication (NTLMv1). Most browsers do not support auto-login ...
Issues with NTLM Authentication
Are there any issues with using NTLM authentication when doing SSO to a back end application ? Update 10-31-2014 : With webNetwork 6.2.1.182 and higher there have been many updates made to handle NTLM v2 applications that do not also maintain a ...
Troubleshooting issues with authentication
Issue: A user is receiving a Failed Login Attempt error every-time they try to login to Unified Workspace. How can we determine the root cause of the failed login? Solution: Enable the Authentication debug logging: Browse to the 8090 Management ...