Zentyal Forum, Linux Small Business Server

Zentyal Server => Directory and Authentication => Topic started by: jwilliams1976 on March 03, 2017, 06:00:06 pm

Title: Multifactor Authentication - 2FA
Post by: jwilliams1976 on March 03, 2017, 06:00:06 pm

Are there any methods to enable multifactor authentication in Zentyal? I see that there is a PAM module that uses Google Authenticator and Samba4 can do the same. I'm not sure how the AD and Kerberos parts work and I haven't started any testing yet. Many companies (like mine) are being forced to be compliant to cyber security standard NIST 800-171 and it requires 2FA.

Title: Re: Multifactor Authentication - 2FA
Post by: throk on July 07, 2017, 08:31:15 pm

Did you ever find out any info on 2FA? I'm in the same boat as you with the NIST crap.

Title: Re: Multifactor Authentication - 2FA
Post by: jwilliams1976 on July 07, 2017, 08:53:23 pm

I asked their support and management and it's not on Zentyal's roadmap to integrate any 2FA or multi factor auth. What we ended up doing is to segregate all the documents that fall under CUI (Controlled Unclassified Information). We store all those docs in a cloud based storage service that is compliant to the NIST standard. Look for 'FedRAMP High JAB' certification. It was just to onerous and expensive for us to implement NIST 800-171 company wide.

Title: Re: Multifactor Authentication - 2FA
Post by: throk on July 07, 2017, 08:55:20 pm

Thanks for replying so quickly! And thanks for the info!