Integrating RADIUS Server & Leveraging RADIUS Authentication
You can integrate Password Manager Pro and RADIUS server in your environment and also leverage the RADIUS authentication for user access bypassing the local authentication provided by Password Manager Pro. This section explains the configurations involved in integrating RADIUS server with Password Manager Pro.
1. Providing Basic Details about RADIUS Server
To configure RADIUS server in Password Manager Pro, provide the following basic details about RADIUS server and credentials to establish connection:
- Go to "Admin" >> "Users" >> "RADIUS".
- In the UI that opens, click the button "Configure" on step 1.
- In the UI that opens, provide the following details:
- Server Name/IP Address - enter the host name or IP address of the host where RADIUS server is running.
- Server Authentication Port - enter the port used for RADIUS server authentication. By default, RADIUS has been assigned the UDP port 1812 for RADIUS Authentication.
- Server Protocol - select the protocol that is used to authenticate users. Choose from four protocols - Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Microsoft Challenge-Handshake Authentication Protocol (MSCHAP), Version 2 of Microsoft Challenge-Handshake Authentication Protocol (MSCHAP2).
- Authentication Retries - select the number of times you wish to retry authentication in the event of an authentication failure.
- Server Secret - You have the option to enter the RADIUS server secret either manually in the text box or you can direct Password Manager Pro to use the secret already stored in the product. In that case, you need to select the resource name and account name from the drop down. The second option - storing the RADIUS password in Password Manager Pro and selecting it from drop down is the recommended approach.
- Click "Save".
2. Enabling RADIUS Authentication
After configuring the RADIUS server, the next step is to leverage the RADIUS server's authentication mechanism. To enable RADIUS authentication, click the button "Enable" in step 2. Once you do this, users would be able to login with their RADIUS credentials.
Important Note: The users who will be accessing Password Manager Pro using their RADIUS server credentials, will have to be added as users in Password Manager Pro first. When you do so, you need to ensure that the "user name" in Password Manager Pro is exactly the same as the username used for accessing the RADIUS server. Here, Password Manager Pro does not store the password used for RADIUS authentication.