Secure Mobile Access 12.4 Administration Guide

Configuring Authentication Servers

Setting up authentication involves the following: a directory (such as LDAP, Microsoft Active Directory, or the local authentication store on the appliance), an authentication method (username/password, token or smart card, or digital certificate), and other configuration items that make the authentication process unique (for example, an LDAP search base, or adding custom prompts and messages). The SMA appliance supports the leading authentication directories and methods.

After you reference an authentication server in a realm and associate users with the realm, the appliance checks users’ credentials against the credentials stored in the specified authentication repository. You can also set up chained (two-factor) authentication; see Configuring Chained Authentication for details.

To configure an authentication server

  1. In the AMC, navigate to System Configuration > Authentication Servers.

  2. Click New.

  3. Select the directory type or authentication method you want to configure:

    Directory type or authentication method selection
    Authentication directory Credential type For more information

    Microsoft Active Directory (Basic)

    Microsoft Active Directory (Advanced)

    • Username/password

    Configuring Microsoft Active Directory Servers
    LDAP
    • Username/password

    • Digital certificate

    Configuring LDAP and LDAPS Authentication
    RADIUS
    • Username/password

    • Token-based authentication (such as SecurID or SoftID)

    Configuring RADIUS Authentication
    Cisco Duo Security Authentication Manager Server
    • Token-based authentication
    Integration of SMA with Cisco Duo Security MFA Server
    One Identity Defender
    • Username/password

    • Token-based authentication (such as SecurID or SoftID)

    One Identity Defender
    RSA Authentication Manager Server
    • Token-based authentication (such as SecurID or SoftID)
    Configuring RSA Server Authentication
    Public key infrastructure (PKI)
    • Digital certificate (with optional certificate revocation checking)
    Configuring a PKI Authentication Server
    SAML 2.0 Identity Provider
    • Username/password

    Configuring a SAML-Based Authentication Server
    Local users (local user storage)
    • Username/password

    Configuring Local User Storage

For further information about tasks after configuring the authentication server, see:

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden