
Which setup to use, depending on the users?

Users from Active Directory - MFA Bastion

  • Installation of Trustelem AD Connect on a VM to synchronize the users with Trustelem
  • Installation of Trustelem Connect on a VM to allow Radius authentication from the Bastion
  • Setup on the Bastion: Radius

Users from Active Directory - MFA Access Manager

  • Installation of Trustelem AD Connect on a VM, to synchronize the users with Trustelem and authenticate them on Trustelem
  • If the session access uses account mapping, the recommended setup on Access Manager is Radius
  • If the session access uses transformation rules, the recommended setup on Access Manager is SAML

Local Users / Other directories - MFA Bastion

  • Installation of Trustelem Connect on a VM to allow Radius and LDAP authentication from the Bastion
  • Recommended setup on the Bastion for the provisioning and the 1st factor: Trustelem LDAP
    • if you don't want to use LDAP, you will have to create the users locally on both the Bastion and Trustelem. In that case, the only authentication on the Bastion is Radius.
    • if you use LDAP, you just have to create the users on Trustelem
    • the LDAP setup on the Bastion has to use mail as the Login and User name attributes
  • Setup on the Bastion for the 2nd factor: Radius

Local Users / Other directories - MFA Access Manager

  • Installation of Trustelem Connect on a VM to allow LDAP searches from the Bastion
  • Recommended setup on the Bastion for the provisioning: Trustelem LDAP
    • if you don't want to use LDAP, you will have to create the users locally on both the Bastion and Trustelem
    • if you use LDAP, you just have to create the users on Trustelem
    • the LDAP setup on the Bastion has to use mail as the Login and User name attributes
  • Recommended setup on Access Manager: SAML