Online Help > Support/Resources > Knowledge Base > Configure Two-factor Authentication (2FA)

SafeNet settings

Prerequisite

 

1.The complete SAS-SDK provided by SafeNet.

2.Hostname provided by SafeNet.

3.The Key file related to the SafeNet Authentication Service Manager account provided by SafeNet.

 

Settings

 

1.Install the BlackShield ID .Net Authentication API on the hosting machine of Devolutions Password Server. Depending on the hosting server, it can be the x86 or the x64 version.

 

BlackShield ID .Net Authentication API

BlackShield ID .Net Authentication API

 

2.When this installer ask for the hostname or IP Address of your BlackShield ID Authentication Server, please fill in the information provided by SafeNet for this hostname and check the Connect using SSL option.

 

BlackShield ID Authentication Server Address

BlackShield ID Authentication Server Address

 

3.Copy the Key file in the BlackShield installation folder of the hosting computer of Devolutions Password Server. In this case, it is the C:\Program Files\CRYPTOCard\BlackShield ID\API\KeyFile folder.

 

Key file folder

Key file folder

 

4.Connect to the SafeNet Authentication Service Manager.

 

SafeNet Authentication Service Manager

SafeNet Authentication Service Manager

 

5.Create each user from DVLS in the SafeNet Authentication Service Manager. It is very important that the user names in DVLS and SafeNet must be identical.

 

Creating user - SafeNet

Creating user - SafeNet

 

6.Next, click on the Provision button.

 

User Detail - SafeNet

User Detail - SafeNet

 

7.Select the authentication type and click on the Provision button. In this example, we choose the MobilePASS authentication type.

 

Select Authentication Type - SafeNet

Select Authentication Type - SafeNet

 

8.An email is sent to the user and a task have been added to the list of the Provisioning Tasks.

 

Provisioning Tasks - SafeNet

Provisioning Tasks - SafeNet

 

9.When the email is received by the user, he has to click on the link to start the token enrollment.

 

SafeNet self-enrollment email

SafeNet self-enrollment email

 

10. In this example, if the MobilePASS application is not installed on the device or the computer, please install it by clicking on the download link. After it is correctly installed, click on the Enroll your MobilePASS token link.

 

SafeNet Self Enrollment

SafeNet Self Enrollment

 

11. Then, accept the token in the MobilePASS application by clicking on the Activate button. Follow the instructions to activate the SafeNet token.

 

clip10172

 

12. On the Devolutions Password Server console, select and edit the instance. Then go on the Two-Factor tab and check the SafeNet checkbox and click on the Save button.

 

Two-Factor tab

Two-Factor tab

 

13.On the Devolutions Password Server console, click on the User Management dialog, edit each user that will use the SafeNet two factor authentication.

 

User Management

User Management

 

14.Change the Two Factor type for SafeNet and click on Save.

 

Two Factor Configuration dialog

Two Factor Configuration dialog

 

15.Enter the Validation code from the MobilePASS application and click on the Save button.

 

SafeNet Setup

SafeNet Setup