RADIUS: Integrate HYPR RADIUS Server with VMWare Identity Manager
This process assumes HYPR RADIUS is installed and configured to be operational.
VMWare Identity Manager RADIUS Integration
-
In the administration console, open the Identity & Access Management tab, and select Setup.
-
Open the Connectors page and select the Worker link for the connector that is being configured for RADIUS authentication.
-
Click Auth Adapters, then
RadiusAuthAdapter. You will be redirected to the Identity Manager connector. -
Enter your master password credentials if prompted.
-
Click the checkbox to enable the RADIUS Adapter and edit the required fields on the Authentication Adapter page as desired.
-
To automatically initiate RADIUS and pass user credentials, click the checkbox to Enable direct authentication to RADIUS server during auth chaining. This will prevent the end user from having to re-enter their network credentials for RADIUS authentication if already authenticated via Identity Manager.
-
Click Save when done.
| Option | Action |
| Name | A name is required. The default name is RadiusAuthAdapter. You can change this. |
| Enable RADIUS Adapter | Select this box to enable RADIUS authentication. |
| Number of authentication attempts allowed | Enter the maximum number of failed login attempts when using RADIUS to log in. Default: 5 |
| Login page passphrase hint | Enter the text string to display in the message on the user login page to direct users to enter the correct Radius passcode. For example, if this field is configured with** AD password first and then SMS passcode**, the login page message would read** Enter your AD password first and then SMS passcode.** Default: RADIUS Passcode. |
| Enable direct authentication to RADIUS server during auth chaining | Automatically initializes RADIUS auth by sending authentication credentials to the server on initial connection. |
| Number of attempts to RADIUS server | Specify the total number of retry attempts. If the primary server does not respond, the service waits for the configured time before retrying again. |
| Server timeout in seconds | Enter the RADIUS server timeout in seconds, after which a retry is sent if the RADIUS server does not respond. |
| RADIUS server hostname/address | Enter the host name or the IP address of the RADIUS server. |
| Authentication port | Enter the RADIUS authentication port number. This is usually 1812. |
| Accounting port | Enter 0 for the port number. The accounting port is not used at this time. |
| Authentication type | Enter the authentication protocol that is supported by the RADIUS server. Accepted Values: PAP, CHAP, MSCHAP1, MSCHAP2 |
| Shared secret | Enter the shared secret that is used between the RADIUS server and the VMware Identity Manager service. |
| Realm Prefix | (Optional) The user account location is called the realm. |
| If you specify a realm prefix string, the string is placed at the beginning of the user name when the name is sent to the RADIUS server. For example, if the user name is entered as jdoe and the realm prefix _DOMAIN-A_ is specified, the user name DOMAIN-A\jdoe is sent to the RADIUS server. If you do not configure these fields, only the user name that is entered is sent. | |
| Realm Suffix | (Optional) If you specify a realm suffix, the string is placed at end of the user name. For example, if the suffix is @myco.com, the username jdoe@myco.com is sent to the RADIUS server. |
VMWare Identity Manager will now be configured with HYPR RADIUS.