Skip Navigation

Enable MS-CHAP authentication for users in a domain

You can enable a
BlackBerry 2FA
server to support MS-CHAPv1 and MS-CHAPv2 authentication for RADIUS requests (for example, requests that come from a VPN gateway) for users that are a member of the selected domain. The domain is available for this option because the
server is running on a host that is joined to an
Active Directory
domain to which
BlackBerry UEM
is also connected.
  1. In the
    BlackBerry UEM
    management console, on the menu bar, click
    External integration
    BlackBerry 2FA server
  2. Click the name of the
    server that you want to configure.
  3. In the
    Active directory configuration
    section, select the domain for which you want to enable MS-CHAP authentication. To disable MS-CHAP authentication, deselect the domain.
  4. Click