{"id":6616,"date":"2020-05-21T19:52:22","date_gmt":"2020-05-21T17:52:22","guid":{"rendered":"https:\/\/relnet.hu\/?p=6616"},"modified":"2020-05-22T17:38:57","modified_gmt":"2020-05-22T15:38:57","slug":"tobbtenyezos-hitelesites-multi-factor-authentication-mfa-recaptcha-es-kemp-loadmaster-hasznalataval-microsoft-exchange-szerverhez","status":"publish","type":"post","link":"https:\/\/relnet.hu\/en\/tobbtenyezos-hitelesites-multi-factor-authentication-mfa-recaptcha-es-kemp-loadmaster-hasznalataval-microsoft-exchange-szerverhez\/","title":{"rendered":"T\u00f6bbt\u00e9nyez\u0151s hiteles\u00edt\u00e9s (multi-factor authentication, MFA) reCAPTCHA \u00e9s Kemp LoadMaster haszn\u00e1lat\u00e1val Microsoft Exchange szerverhez"},"content":{"rendered":"

Az al\u00e1bbi le\u00edr\u00e1s c\u00e9lja, hogy technikai \u00fatmutat\u00e1st adjon MFA telep\u00edt\u00e9s\u00e9hez a Google reCAPTCHA v2 \u00e9s LDAP rendszerek, valamint a Kemp LoadMaster haszn\u00e1lat\u00e1val a Microsoft Exchange h\u00e1tt\u00e9ralkalmaz\u00e1s szerver(ek)hez val\u00f3 hozz\u00e1f\u00e9r\u00e9s biztons\u00e1gosabb\u00e1 t\u00e9tel\u00e9nek c\u00e9lj\u00e1b\u00f3l. Mindez a Kemp Edge Security Pack (ESP) alap\u00e9rtelmezett funkci\u00f3ival megval\u00f3s\u00edthat\u00f3.<\/p>\n

Ez a megval\u00f3s\u00edt\u00e1s a Google Authenticator (reCAPTCHA v2) \u00e9s LDAP protokollt haszn\u00e1l\u00f3, LDAP szerverhez val\u00f3 hozz\u00e1f\u00e9r\u00e9si hiteles\u00edt\u0151 adatok (felhaszn\u00e1l\u00f3n\u00e9v \/ jelsz\u00f3) integr\u00e1l\u00e1s\u00e1n alapul.<\/p>\n

\nTov\u00e1bbi inform\u00e1ci\u00f3 a Google CAPTCHA v2-r\u0151l itt<\/a> el\u00e9rhet\u0151.<\/p>\n

\n<\/p>\n

\u00c1ttekint\u00e9s<\/h5>\n

justify
\nno-repeat;left top;;
\nauto<\/p>\n

\"1\"
\nrn-kep-kepala<\/p>\n

A fenti architekt\u00far\u00e1ban l\u00e1that\u00f3 a folyamatban r\u00e9sztvev\u0151 komponensek diagramja.<\/p>\n

A folyamat a k\u00f6vetkez\u0151:<\/p>\n

\u2022 Az \u00fcgyf\u00e9l csatlakozik az Exchange kiszolg\u00e1l\u00f3hoz a Kemp LoadMaster-en kereszt\u00fcl. A Kemp LoadMaster Edge Security Pack (ESP) \u00fagy van be\u00e1ll\u00edtva, hogy \u00e1tir\u00e1ny\u00edtsa az \u00fcgyfelet a Kemp hiteles\u00edt\u00e9si \u0171rlapj\u00e1ra.<\/p>\n

\u2022 Megjelenik a Kemp LoadMaster hiteles\u00edt\u00e9si \u0171rlapja, amely felk\u00e9ri a felhaszn\u00e1l\u00f3t a reCAPTCHA meger\u0151s\u00edt\u00e9s\u00e9re.
\njustify
\nno-repeat;left top;;
\nauto<\/p>\n

\"2\"
\nrn-kep-kepala<\/p>\n

\u2022 A felhaszn\u00e1l\u00f3 meger\u0151s\u00edti a reCHAPTA-t, amelyet a Kemp LoadMaster ellen\u0151riztet a Google-vel.<\/p>\n

\u2022 Amennyiben ez sikeres volt, a felhaszn\u00e1l\u00f3nak meg kell adnia a hozz\u00e1f\u00e9r\u00e9si hiteles\u00edt\u0151 adatait (felhaszn\u00e1l\u00f3n\u00e9v \/ jelsz\u00f3). Megjegyz\u00e9s: A Log On (bejelentkez\u00e9s) gomb csak ezt k\u00f6vet\u0151en haszn\u00e1lhat\u00f3.
\njustify
\nno-repeat;left top;;
\nauto<\/p>\n

\"3\"
\nrn-kep-kepala<\/p>\n

\u2022 A Kemp LoadMaster tov\u00e1bb\u00edtja a hozz\u00e1f\u00e9r\u00e9si hiteles\u00edt\u0151 adatokat az LDAP kiszolg\u00e1l\u00f3hoz, amely ellen\u0151rzi ezeket (felhaszn\u00e1l\u00f3n\u00e9v \/ jelsz\u00f3).<\/p>\n

\u2022 Amennyiben ez sikeres volt, az LDAP szerver egy \u201eBind Success\u201d v\u00e1laszt ad.<\/p>\n

\u2022 A Kemp LoadMaster tov\u00e1bb\u00edtja a k\u00e9r\u00e9st az Exchange Server-nek az \u00fcgyf\u00e9l hiteles\u00edt\u0151 adataival.<\/p>\n

Megjegyz\u00e9s: Amennyiben a m\u0171velet meghaladja a reCAPTCHA id\u0151korl\u00e1tj\u00e1t, a meger\u0151s\u00edt\u00e9st ism\u00e9t el kell v\u00e9gezni.
\njustify
\nno-repeat;left top;;
\nauto<\/p>\n

\"4\"
\nrn-kep-kepala<\/p>\n

Konfigur\u00e1ci\u00f3s k\u00f6vetelm\u00e9nyek<\/h5>\n

A funkci\u00f3hoz sz\u00fcks\u00e9ges konfigur\u00e1ci\u00f3 \u00e9s k\u00f6vetelm\u00e9nyek:<\/p>\n

\n\u2022 LDAP szerver (LDAP csatlakoz\u00e1ssal a Kemp LoadMaster-hez)<\/p>\n

\u2022 Google Captcha (el\u00e9rhet\u0151 itt: link)<\/p>\n

\u2022 Microsoft Exchange OWA \u201eForms Based\u201d be\u00e1ll\u00edt\u00e1ssal<\/p>\n

\u2022 Kemp LoadMaster Enterprise \/ Enterprise Plus el\u0151fizet\u00e9ssel (vagy pr\u00f3balicenccel)<\/p>\n

\u2022 Kemp firmware v7.2.49 (vagy \u00fajabb)<\/p>\n

\n<\/p>\n

Kemp LoadMaster konfigur\u00e1ci\u00f3<\/h5>\n

Kemp LoadMaster konfigur\u00e1ci\u00f3, amely az ismertetett folyamathoz sz\u00fcks\u00e9ges:<\/p>\n

\n\u2022 Az LDAP v\u00e9gpont konfigur\u00e1l\u00e1s\u00e1nak l\u00e9p\u00e9sei: Virtual Services > Manage SSO > New SSO<\/p>\n

\u2022 Az LDAP szerver adatainak megad\u00e1sa
\njustify
\nno-repeat;left top;;
\nauto<\/p>\n

\"5\"
\nrn-kep-kepala<\/p>\n

\u2022 A virtu\u00e1lis szolg\u00e1ltat\u00e1s konfigur\u00e1l\u00e1s\u00e1hoz a Virtual Services > ESP Options \u2013 men\u00fcpont sz\u00fcks\u00e9ges<\/p>\n

\u2022 Meg kell adni a reCAPTCHA adatait, illetve \u201eExchange\u201d-t sz\u00fcks\u00e9ges kiv\u00e1lasztani az SSO Image Set-hez. Megjegyz\u00e9s: az \u201eEnable Captcha\u201d jel\u00f6l\u0151n\u00e9gyzet legyen kipip\u00e1lva.
\njustify
\nno-repeat;left top;;
\nauto<\/p>\n

\"6\"
\nrn-kep-kepala<\/p>\n

Forr\u00e1s:<\/h5>\n

\nMulti-Factor Authentication (MFA) with reCAPTCHA using Kemp LoadMaster<\/p>\n

\n<\/p>\n

Kapcsol\u00f3d\u00f3 tartalom:<\/h5>\n

\nA Kemp 90 napig ingyenesen haszn\u00e1lhat\u00f3, korl\u00e1tlan kapacit\u00e1s\u00fa terhel\u00e9seloszt\u00f3t k\u00edn\u00e1l a j\u00e1rv\u00e1ny idej\u00e9re<\/a><\/p>\n

\nTerhel\u00e9selosztott t\u00e1voli asztali szolg\u00e1ltat\u00e1sok kialak\u00edt\u00e1sa a Kemp megold\u00e1s\u00e1val<\/a><\/p>\n

LoadMaster m\u00e9retez\u00e9si \u00fatmutat\u00f3<\/a>
\nno-repeat;left top;;
\nauto<\/p>\n","protected":false},"excerpt":{"rendered":"

Technikai \u00fatmutat\u00e1s MFA telep\u00edt\u00e9s\u00e9hez a Google reCAPTCHA v2 \u00e9s LDAP rendszerek, valamint a Kemp LoadMaster haszn\u00e1lat\u00e1val a Microsoft Exchange h\u00e1tt\u00e9ralkalmaz\u00e1s szerver(ek)hez val\u00f3 hozz\u00e1f\u00e9r\u00e9s biztons\u00e1gosabb\u00e1 t\u00e9tel\u00e9nek c\u00e9lj\u00e1b\u00f3l. <\/p>\n","protected":false},"author":1086,"featured_media":6646,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[335,556,557,53,1197,938,1182],"tags":[1540,55,1538,293,98,1533,1535,1208,1534,1280,1537,1536],"yst_prominent_words":[],"class_list":["post-6616","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-gyarto","category-it-biztonsag","category-it-halozat","category-kemp-technologies","category-vegfelhasznalo","category-viszontelado","category-vpn","tag-esp","tag-kemp","tag-ldap","tag-loadbalancing","tag-loadmaster","tag-mfa","tag-microsoft-exchange","tag-multi-factor-authentication","tag-recaptcha","tag-terheleselosztas","tag-terheleskiegyenlites","tag-tobbtenyezos-hitelesites"],"_links":{"self":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/6616","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/users\/1086"}],"replies":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/comments?post=6616"}],"version-history":[{"count":0,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/6616\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media\/6646"}],"wp:attachment":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media?parent=6616"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/categories?post=6616"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/tags?post=6616"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/yst_prominent_words?post=6616"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}