• No results found

Microsoft Outlook Web Access 2013 Authenticating Users Using SecurAccess Server by SecurEnvoy

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Microsoft Outlook Web Access 2013 Authenticating Users Using SecurAccess Server by SecurEnvoy"

Copied!
9
0
0

Loading.... (view fulltext now)

Download now ( 9 Page )

Full text

(1)

Microsoft Outlook Web Access 2013

Authenticating Users Using SecurAccess Server by

SecurEnvoy

Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House Brunel Road Theale Reading RG7 4AB

(2)

Microsoft Outlook Web Access 2013 Integration Guide

This document describes how to integrate Microsoft Outlook Web Access 2013 (OWA 2013) with SecurEnvoy two-factor Authentication solution called ‘SecurAccess’.

OWA 2013 provides Secure Remote Access to the internal corporate email.

SecurAccess provides two-factor, strong authentication for remote Access solutions (such as OWA 2013), without the complication of deploying hardware tokens or smartcards.

Two-Factor authentication is provided by the use of (your PIN and your Phone to receive the one time passcode)

SecurAccess is designed as an easy to deploy and use technology. It integrates directly into any LDAP server and negates the need for additional User Security databases. SecurAccess consists of two core elements: a Radius Server and Authentication server. The Authentication server is directly integrated with LDAP in real time.

SecurEnvoy Security Server can be configured in such a way that it can use the existing LDAP password. Utilizing the LDAP password as the PIN, allows the User to enter their UserID, Domain password and One Time Passcode received upon their mobile phone. This authentication request is passed via the Radius protocol to the SecurEnvoy Radius server where it carries out a Two-Factor authentication. It provides a seamless login into the Windows Server environment by entering three pieces of information. SecurEnvoy utilizes a web GUI for configuration. All notes within this integration guide refer to this type of approach.

The equipment used for the integration process is listed below: OWA 2013

Microsoft Server 2012 R2 Microsoft Exchange Server 2013

SecurEnvoy

Microsoft Server 2012 R2

IIS installed with SSL certificate (required for management and remote administration) Active Directory installed or connection to Active Directory via LDAP protocol.

(3)

Index

1.0 Prerequisites ... 3

1.1 Configure the IIS Agent for Default website ... 4

1.2 Configure the IIS Agent for Outlook Web Access ... 5

2.0 Configure logout URL ... 6

2.1 Configure Outlook Web Access Template ... 6

3.0 Test the Two Factor Authentication ... 7

4.0 Notes ... 9

1.0 Prerequisites

It is assumed that the Exchange 2013 has been installed and is authenticating with a username and password.

Securenvoy Security Server has been installed with the Radius service and has a suitable account that has read and write privileges to the Active Directory. If firewalls are between the SecurEnvoy Security server, Active Directory servers, and the Exchange server(s), additional open ports will be required.

IIS Agent has been installed as per the SecurEnvoy IIS Agent Installation and Admin Guide: https://www.securenvoy.com/integrationguides/iis%20agent%20installation%20guide.pdf

The following table shows what token types are supported. Token Type Supported

Real Time SMS or Email

Preload SMS or Email

Soft Token Code

Soft Token Next Code

Voice Call

One Swipe

(4)

1.1 Configure the IIS Agent for Default website

Launch the IIS management interface, either from “Start”, “Administration Tools” or from the Server Manager

Expand the sites list on the navigation pane and select “Default Web Site”, then scroll down the centre panel and press the “SecurEnvoy Two Factor” icon.

Enable the tick box to “Enable Authentication On Site Default Web Site”

Click “Apply” when

(5)

1.2 Configure the IIS Agent for Outlook Web Access

Select the virtual web site you want to protect. For OWA select “owa”, scroll down the centre panel and select “SecurEnvoy Two Factor”

Select the tick box “Enable Authentication On /owa”

Select “Form Based

Authentication” (The

Default)

Click “Apply” to finish Cancel restart IIS when prompted.

Note

(6)

2.0 Configure logout URL

In the Navigation pane, select top level host name (the 2nd line down). Scroll down the centre panel and press the “SecurEnvoy Two Factor” icon. Setup your required inactivity timeout.

Add the logout URL /owa/auth/logon.aspx /owa/auth/logoff.aspx

Restart IIS when prompted.

2.1 Configure Outlook Web Access Template

Copy the contents of OWA2013 (C:\Program Files (x86)\SecurEnvoy\Microsoft IIS Agent\SAMPLES) to

(7)

3.0 Test the Two Factor Authentication

Test the Two Factor Web authentication by opening a browser and going to the URL for the Web server i.e.

https://your_server_name/owa (Don’t forget the https) User logon screen is shown.

Enter your UsedID and Password:

User is then presented with their two factor authentication type:  Pre load, Realtime and

Soft tokens:

 VOICE tokens:

(8)

User authenticates successfully and is presented with OWA 2013:

Note

Configure your domain name within seiis.ini (C:\Windows):

# Default Domain Name to use if no domain information is included in this UserID (leave blank if not required)

DefaultDomain=”yourdomain”

(9)

References

Download now ( PDF - 9 Page - 759.59 KB )

Related documents

Dell SonicWALL and SecurEnvoy Integration Guide. Authenticating Users Using SecurAccess Server by SecurEnvoy

SecurAccess consists of two core elements: a RADIUS server to facilitate communication with solutions such as Dell SonicWALL SSL VPNs and an authentication server to au-

External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

Go to Web Security -> HTTP/S and choose either Basic User Authentication or Transparent with authentication and add the RADIUS group or single users to the list of

External Authentication with Windows 2012 R2 Server with Remote Desktop Web Gateway Authenticating Users Using SecurAccess Server by SecurEnvoy

This document describes how to integrate a Windows 2012 R2 Remote Desktop Web (RDWeb) Gateway installed with SecurEnvoy two-factor Authentication solution called

External Authentication with Windows 2008 Server with Routing and Remote Access Service Authenticating Users Using SecurAccess Server by SecurEnvoy

Start the Server Manager and expand “Network Policy and Access Services” and select “Routing and Remote Access”, right mouse click and select “Properties”.. Select

Full disk encryption with Sophos Safeguard Enterprise With Two-Factor authentication of Users Using SecurAccess by SecurEnvoy

updated. They will see the following message. When the log’s off and log on again they will then use the new Active Passcode.. b) User had machine ‘Locked’ when Daycode was

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

SalesForce is a customer relationship management tool (CRM) that can be configured to use a local Active Directory Federation Service (ADFS) to enable local users to sign on with

External Authentication with Netscreen 25 Remote VPN Authenticating Users Using SecurAccess Server by SecurEnvoy

Create a new VPN gateway enter SecurEnvoy Gateway as the name for this new entry select “custom” security level, select “dial-up user group” and select the group you

External Authentication with Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

Securenvoy Security Server has been installed with the Radius service and has a suitable account that has read and write privileges to the Active Directory, if