Enable MS-CHAP authentication for users in a domain
You can enable a
BlackBerry 2FAserver to support MS-CHAPv1 and MS-CHAPv2 authentication for RADIUS requests (for example, requests that come from a VPN gateway) for users that are a member of the selected domain. The domain is available for this option because the
2FAserver is running on a host that is joined to an
Active Directorydomain to which
BlackBerry UEMis also connected.
- In theBlackBerry UEMmanagement console, on the menu bar, clickSettings>External integration>BlackBerry 2FA server.
- Click the name of the2FAserver that you want to configure.
- In theActive directory configurationsection, select the domain for which you want to enable MS-CHAP authentication. To disable MS-CHAP authentication, deselect the domain.