Applies to: Command Center
You can enable two-factor authentication (which is a form of multi-factor authentication) for all users or some specific user groups in the CommCell. If you are a service provider for a multi-tenant CommCell environment, enabling two-factor authentication at the CommCell level includes all the companies in your environment.
Note
If a user is a member of multiple user groups, and you enable two-factor authentication for any of those user groups, then two-factor authentication is enabled for that user.
Procedure
-
From the navigation pane, go to Manage > CommCell.
The CommCell page appears.
-
In the General section, move the Enable two factor authentication toggle key to the right.
The Enable two factor authentication dialog box appears.
Note
If you configured the CommCell to allow domain users to log on using Single Sign On (SSO), then Two-Factor Authentication will not take effect on the domain users. We recommend you disable SSO for the respective domain controller.
-
Enable two factor authentication:
-
All: To enable two-factor authentication for all users in the CommCell, leave this option selected.
-
User groups: To enable two-factor authentication at the user group level in the CommCell, select this option.
Alternatively, you can use the EnableTFAWithGroupInclusion script to enable two factor authentication with option to include groups.
-
-
Under Web authentication:
-
To allow users log on without a password using the web authenticator method, move the Allow passwordless login toggle key to the right.
-
To allow users to log on using the web authenticator method only, move the Allow passwordless login and the Allow usernameless login toggle keys to the right.
-
-
Click Save.