4.0 Configuring the IIS Authentication Plug-in

You can configure the IIS Authentication plug-in with the Advanced Authentication server, OAuth 2.0 event details and then integrate the plug-in with IIS Manager to implement multi-factor authentication for the websites hosted on the IIS server.

To configure the IIS Authentication plug-in perform the following steps:

  1. Click Start > Administration Tool on Windows system where you have installed the IIS Authentication plug-in.

  2. Specify the following details:

    Table 4-1 IIS Authentication plug-in parameters

    Parameter

    Description

    Server URL

    DNS name of the Advanced Authentication server without https://.

    NOTE:You cannot specify IP address of Advance Authentication server in Server URL.

    Client ID

    ID that is obtained from the OAuth 2.0 event.

    Client secret

    Secret that is obtained from the OAuth 2.0 event.

    Tenant name

    If the Multitenancy mode is enabled, specify the preferred tenant name. If the Multitenancy mode is not enabled then specify TOP by default.

    Logout URL

    To handle logout in another application, set this field with URL related to that application.

    For example, to allow Outlook Web Access (OWA) to manage logout, set Logout URL with /owa/logoff.owa.

    This field can be empty. For example, in case of RDWeb. However, if the Logout URL is empty, IIS plug-in cannot manage the logout process.

  3. Click Save.

  4. Click Registrations.

    The Manage IIS registrations window is displayed. All the websites that are hosted on the IIS Manager are populated in this window.

  5. Select the preferred website and click Enable.

    The users must pass the authentication methods in the IIS Authentication plug-in to access these websites that are enabled in the Manage IIS registrations window.

    To disable a website, select the website and click Disable. The users can access the disabled websites without authenticating through the IIS Authentication plug-in.

    To update the websites list, click Refresh.

To integrate the IIS Manager with the IIS Authentication plug-in, perform the following steps:

  1. Open the IIS Manager console.

  2. In Features View of IIS Manager, double-click Authentication.

  3. On the Authentication page, select Anonymous Authentication.Click Edit to set the anonymous authentication for users who will connect to the site.

  4. In the Edit Anonymous Authentication Credentials dialog box, select Application pool identity and set this identity to LocalSystem.