Need Help? We are right here!
miniOrange strengthens the security of VMware Horizon with Two Factor Authentication (2FA) or Multi-Factor Authentication (MFA). This advanced approach requires not only your regular password but an additional piece of information it's like having a second lock on your Horizon account, making it exceptionally tough for unauthorized access.
miniOrange seamlessly integrates this added security layer into the VMware Horizon login process. Even if someone discovers your password, they can't get in without the second authentication step, which can be generated by tools like Google Authenticator. This extra layer of security, known as VMware Horizon MFA, helps ensure your sensitive data stays well-protected in line with the latest security standards.
To use miniOrange Multi-Factor Authentication (MFA) or Two-factor Authentication you can enable RADIUS authentication in VMware Horizon View and configure policies in miniOrange to enable or disable MFA for users. miniOrange provides 15+ Multi-Factor Authentication methods to secure your network.
Two-factor authentication (2fa) can be of two types depending on the Application you want to enable it for.
miniOrange provides user authentication from various external directories such as miniOrange Directory, Microsoft AD, Azure Active Directory/LDAP, AWS Cognito and many more.
Can't find your Directory? Contact us on firstname.lastname@example.org
|Client Name:||Any name for your reference.|
|Client IP:||IP address of VPN server which will send Radius authentication request.|
|Shared Secret:||Security key.
For Eg. "sharedsecret"
(Keep this with you, you will need to configure same on VPN Server).
|Do not Support Challenge:||Keep this Unchecked.|
|Group Name:||Group for which the policy will apply.|
|Policy Name:||Any Identifier that specifies policy name.|
|Login Method||Login Method for the users associated with this policy.|
|Enable Two-Factor Authentication||Enables Second Factor during Login for users associated with this policy.|
|Enable Adaptive Authentication||Enables Adaptive Authentication for Login of users associated with this policy.|
Only For On-Premise Version
Step 1: Open Firewall Ports.
|Hostname/Address||Enter the IP address of your Rublon Authentication Proxy.|
|Authentication Port||Set to 1812.|
|Accounting Port||N/A. Leave the default value.|
|Authentication Type||Select PAP.|
|Shared Secret||Enter the RADIUS_SECRET from Rublon Authentication Proxy.|
|Server Timeout||Controls how long the RADIUS server may take to respond to an authentication request.
Set to 60.
miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc), Identity Providers (like Okta, Shibboleth, Ping, OneLogin, KeyCloak), Databases (like MySQL, Maria DB, PostgreSQL) and many more. You can configure your existing directory/user store or add users in miniOrange.
1. Create User in miniOrange
2. Bulk Upload Users in miniOrange via Uploading CSV File.
Here's the list of the attributes and what it does when we enable it. You can enable/disable accordingly.
|Activate LDAP||All user authentications will be done with LDAP credentials if you Activate it|
|Sync users in miniOrange||Users will be created in miniOrange after authentication with LDAP|
|Fallback Authentication||If LDAP credentials fail then user will be authenticated through miniOrange|
|Allow users to change password||This allows your users to change their password. It updates the new credentials in your LDAP server|
|Enable administrator login||On enabling this, your miniOrange Administrator login authenticates using your LDAP server|
|Show IdP to users||If you enable this option, this IdP will be visible to users|
|Send Configured Attributes||If you enable this option, then only the attributes configured below will be sent in attributes at the time of login|
Refer our guide to setup LDAPS on windows server.
miniOrange integrates with various external user sources such as directories, identity providers, and etc.
Our Other Identity & Access Management Products