Manualshelf

Product manual

ManualsBrandsESET ManualsComputer equipmentREMOTE ADMINISTRATOR V1
11121314151617181920
17
6.1 Configuration
The Web Application integration can be configured from the Basic Settings page of your domain in the ESET Secure Authentication
management console.
The settings for the Exchange Server plugins, Outlook Web App and Exchange Control Panel, are global to the domain. The settings
for all other Web Application plugins are per server.
The 2FA protection can be enabled or disabled for each Web Application. The 2FA protection is enabled by default after
installation. The World Wide Web Publishing service will need to be restarted on all servers hosting the Web Application for
changes to this configuration option to be reloaded.
6.1.1 Allowing Non-2FA Users
The module can be configured to either allow or to prohibit users that do not have 2FA enabled from accessing the Web
Application through the "Users without 2FA enabled may still log in" configuration option.
This scenario occurs if the user is configured for neither SMS-based OTPs nor the Mobile Application and the Web Application
configuration option to allow non-2FA users to log in is enabled. The configuration option to allow non-2FA users defaults to
being enabled after installation.
In this configuration, a user can log into the Web Application with their Active Directory password.
If the configuration option to allow non-2FA users is disabled, then the user will not be able to log into the Web Application.
6.2 Usage
The same 2FA process is followed for all supported Web Apps.
The operation of the Web Application Protection module can be verified as follows:
1. A user that has ESA 2FA enabled in the ADUC management tool is required for testing. The user must also be allowed to access
the Web App.
2. Open the Web App in a desktop browser and authenticate as normal using the Active Directory credentials of the test user.
3. The ESA authentication page should now appear, as per the figure below. The Remote Desktop Web Access plugin on Windows
Server 2008 and the Microsoft Dynamics CRM 2011 plugin will not display the "Cancel" button.
a. If the user is enabled for SMS OTPs, an SMS will be sent containing an OTP that may be entered to authenticate.
b. If the user has installed the ESA mobile application on their phone, it may be used to generate an OTP to authenticate. OTPs