locked
Radius Sever with two factor authentication RRS feed

  • Question

  • Hi all,

      Is that possible that I setup a radius server with a separate domain forest to act as a second factor authentication server in a two-factor authentication configuration?

    Thanks

    Best Regards,

    Elroy

    Wednesday, July 20, 2016 7:50 AM

Answers

  • Hi elroykhlo,

    >>should I forward both username and password to the radius server or username only?

    There is no built-in feature to support it.

    RADIUS is a protocol for authentication, authorization, and accounting information between a network access server and a share authentication server that requires authentication of its links.

    It is not designed for your requirement.

    I suggest you look for thirty-party solution.

    Best Regards

    John

    • Proposed as answer by John Lii Monday, August 1, 2016 8:18 AM
    • Marked as answer by Leo Han Wednesday, August 3, 2016 2:56 AM
    Friday, July 22, 2016 6:49 AM

All replies

  • Hi Elroy,

    As far as I know, it could realize two-factor authentication configuration by using Radius server.

    Here is reference for Radius server information:

    https://msdn.microsoft.com/en-us/library/cc755248(v=ws.11).aspx

    Best Regards

    John

    Thursday, July 21, 2016 6:01 AM
  • Hi,

      Can you kindly share more information? the radius should be a separate directory, right? should I forward both username and password to the radius server or username only? I have tried to configure the NPS but it doesn't seem to work...I don't have any clues right now.

    Regards,
    Elroy

    Thursday, July 21, 2016 9:07 AM
  • Hi elroykhlo,

    >>should I forward both username and password to the radius server or username only?

    There is no built-in feature to support it.

    RADIUS is a protocol for authentication, authorization, and accounting information between a network access server and a share authentication server that requires authentication of its links.

    It is not designed for your requirement.

    I suggest you look for thirty-party solution.

    Best Regards

    John

    • Proposed as answer by John Lii Monday, August 1, 2016 8:18 AM
    • Marked as answer by Leo Han Wednesday, August 3, 2016 2:56 AM
    Friday, July 22, 2016 6:49 AM