THE INFORMATION IN THIS ARTICLE APPLIES TO:
The registry settings below will enable WTC authentication by the Site's authentication manager (e.g., AD/LDAP) and then with a session-specific, one-time passcode (e.g., a code sent via text or email message).
- After creating the registry settings below, restart the EFT server service, then log in to EFT with your AD/LDAP password.
After authenticating with AD/LDAP, EFT sends a request to the SMS authentication server to get your token; enter that token in the login screen.
- In versions prior to v7.4.13, you would be asked to provide your LDAP/AD password twice.
- In v7.4.13 and later, setting UseAuthManagerPasswordForMultistep to any non-zero value will skip the second AD/LDAP authentication.
Create the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\GlobalSCAPE Inc.\EFT Server 4.0\Config\
Value name: UseAuthManagerWithMultiStep
Default Value: false
Description: When non-zero, causes authentication to FIRST use the Site's authentication manager and, if succeeded, proceed to RSA/RADIUS authentication to finish authentication.
UseAuthManagerPasswordForMultistep (added in v7.4.13)
Default Value: 0/false
Description: When non-zero, EFT, after successful authenticating user with their password against site's auth manager, uses the password to authenticate the user against RSA/RADIUS.
Value name: AuthManagerWithMultiStepChallenge
Default Value: Enter the RSA SecurID token to complete authentication:
Max Length: 255
Description: Specifies the challenge text to display after succeeding with authentication manager authentication, prompting user for RSA/RADIUS input.