Multi-Factor Authentication

To strengthen user logon security, SharePoint Manager Plus supports multi-factor authentication. Once enabled, SharePoint Manager Plus will require users to authenticate using one of the authentication mechanisms mentioned below.

Setting up Multi-factor authentication

Email Verification

When this option is selected, SharePoint Manager Plus sends a verification code via email to the user’s email address. The user has to enter the verification code to login successfully.

Configuration steps:

  1. Configure mail server settings if not done already.
  2. Enter a Subject for the email.
  3. Enter the Message in the box provided.
  4. Once you are done, click Save Settings.

Once enabled, users will be asked to enroll for multi-factor authentication by entering their email address during login.

SMS Verification

When this option is selected, SharePoint Manager Plus sends a verification code via SMS to the user’s mobile number. The user has to enter the verification code to login successfully.

Configuration steps:

  1. Configure SMS server settings if not done already.
  2. Enter the Message in the box provided.
  3. Once you are done, click Save Settings.

Once enabled, users will be asked to enroll for multi-factor authentication by entering their mobile number during login.

Google Authenticator

Google Authenticator adds an extra layer of protection to verify users' identity when they attempt to log into the product. Users will be required to enter a six-digit security code generated by the Google Authenticator app to verify their identity.

Configuration steps:

  1. Click Enable Google Authenticator.
  2. Click Save Settings.

Once enabled, users can enroll themselves for multi-factor authentication using the Google Authenticator app when they log into the application.

RSA SecurID

RSA SecurID is a mechanism developed for performing multi-factor authentication for a user to a network resource. Users can use the security codes generated by the RSA SecurID mobile app, hardware tokens, or tokens received via mail or SMS to log in to SharePoint Manager Plus.

Configuration steps:

  1. Log in to your RSA admin console (e.g., https://RSA machinename.domain DNS name/sc).
  2. Go to Applications. Under Authentication Agents, Click Add New.
  3. Add SharePoint Manager Plus Server as an authentication agent and click Save.
  4. Go to Access. Under Authentication Agents, click Generate Configuration File.
  5. Download AM_Config.zip (Authentication Manager config).
  6. Extract sdconf.rec from the ZIP file.
  7. In SharePoint Manager Plus, under RSA SecurID configuration, click Browse and select the sdconf.rec file.
  8. Ensure that the required authapi.jar file, and its Log4j JAR files are present under the <product_installation_directory>/lib folder. If not, obtain the latest authapi.jar file and its latest Log4j JAR files from RSA SecurID and add these files in the <product_installation_directory>/lib folder.
  9. Click Save Settings.

Duo Security

Duo Security is a two-step verification service that provides additional security while accessing applications. Users can use the six digit security codes generated by the Duo mobile app or push notification to log into SharePoint Manager Plus.

Configuration steps:

  1. Log in to your Duo Security account (e.g., https://admin-325d33c0.duosecurity.com) or Sign up for a new one and login.
  2. Go to Applications. Click Protect an Application.
  3. Search for Web SDK. Click Protect this Application.
  4. Copy the Integration key, Secret key, and API hostname to SharePoint Manager Plus.
  5. Click Save Settings.

Please make sure you select the exact username pattern you use in Duo Security.

If you are using older versions of Internet Explorer, then add the API hostname (e.g., https://api-325d33c0.duosecurity.com) and admin console (e.g., https://admin-325d33c0.duosecurity.com) as a trusted or intranet site.

Note: For users with Duo Security as the preferred authentication service, in the case of loss/replacement of your smartphones, MFA can still be performed smoothly by deleting the account in Duo. Follow the above steps, choose Duo Security as your preferred authentication method, and enable Duo Security once again to start from scratch.

RADIUS Authentication

Remote Authentication Dial-In User Service (RADIUS) is an industry standard client/server authentication protocol that enhances security by protecting networks from unauthorized access.

RADIUS-based multi-factor authentication for SharePoint Manager Plus can be configured in just two simple steps.

Configuration steps:

Step 1: Integrate RADIUS with SharePoint Manager Plus

Step 2: Configure SharePoint Manager Plus for RADIUS

Note: Username Pattern is case-sensitive. Please make sure you select the exact pattern (uppercase or lowercase) you use in your RADIUS server.

Backup Verification Codes

Backup verification codes allow users to log in when they don’t have access to their phone or face issues with one of the second-factor authentication method. When enabled, a total of five codes will be generated. A code once used will become obsolete and cannot be used again. Users also have the option to generate new codes.

Enabling backup verification code

Using the backup verification code to login

Managing users for multi-factor authentication

As an admin, you can view which authentication method users have enrolled for and remove users’ enrollment for multi-factor authentication using the Manage Users option.

To do so, follow the steps below:

To personalize multi-factor authentication method for users

The users enrolled in multi-factor authentication can modify their preferred authentication method and manage trusted browsers by following the steps below:

Copyright © 2024, ZOHO Corp. All Rights Reserved.