Before an application can be created, a logon procedure must be created first.
| Expand | ||||||
|---|---|---|---|---|---|---|
| ||||||
|
The type of logon procedure for LDAP integration must be LDAP Agent.
Once a logon procedure has been created, you need to add logon steps into the newly created logon procedure.
LDAP integration is typically used to add two-factor authentication to network devices that support user authentication via LDAP. In order to provide two-factor authentication without changing the network device, the common practise is to concatenate passwords from both factors, i.e. Account Password (Static Password) and One-Time Password (OTP), to form a type of new password called “passcode”. DualShield provides and supports the following types of passcodes:
- Static Password
- One-Time Password
- One-Time Password + Static Password
- Static Password + One-Time Password
For instances, if the user’s Static Password is “mypass” and the One-Time Password is “123456” then the passcode entered into the VPN client can be one of the following:
- mypass
- 123456
- 123456mypass
- mypass123456
To provide One-Step Logon you will create a logon procedure with only one logon step.
