Activating Double-Factor Authentication

You can integrate the Double-Factor Authentication for TSplus with SAASPASS, the Leader of Multi-Factor Authentication.

The SAASPASS-TSplus integration is a quick and straightforward process. Before you start, please make sure that your server is accessible from out of your network. If your server cannot be accessed by SAASPASS you will not be able to use Scan Barcode, Proximity Login and One-Time Password to log in. The SAASPASS-TSplus integration can be done by following these steps (these instructions may be different on some Windows Server versions).

Prerequisites

Make sure you meet the pre-requisites before continuing the integration:

Screenshot 1-23

Note: Load-Balancing is not compatible with SAASPASS Double-factor authentication.

STEP 1

Download SAASPASS-TSplus plugin archive from here and extract the content into the following folder C://inetpub/wwwwroot/SAASPASS-TSPlus:

Screenshot 2-23

STEP 2

Open IIS Manager, right-click on Sites and then click on Add Web Site. Fill the from with appropriate data, where the Physical Path will point to the extracted content of the archive.

Screenshot 3-23

Don’t forget to specify the http port to 81.

STEP 3

You will have to add the TSplus cgi-bin virtual directory - located under the path C:\Program Files (x86)\TSplus\Clients\wwww\cgi-bin - as an application into your SAASPASS-TSplus website:

Screenshot 4-23

Screenshot 5-23

Then, double-click on the "Handler Mappings" icon for this folder on the right side of the Manager window:

Screenshot 6-23


Now, right-click on CGI-exe and click on "Edit Feature Permissions":

Screenshot 7-23

Check the "Execute" checkbox and click OK:

Screenshot 8-23

STEP 4

Configure CGI extension permission Then, allow the CGI extension to run on the server. Click on the "ISAPI and CGI Restrictions" icon. This can be found by clicking on the machine name in the menu on the left side of the window:

Screenshot 9-23

On the "ISAPI and CGI Restrictions" page, click "Add ..." on the right side of the window. Now specify the full path to the "hb.exe" file hosted in the TSplus folder. Be sure to check the "Allow extension path to execute" option, as Illustrate the following screenshots:

Screenshot 10-23

Screenshot 11-23

STEP 5

Add Mime types in IIS Double-click on the Mime Types icon:

Screenshot 12-23

And verify that the “.” and “.dat” extensions appear with a text/plain MIME type:

Screenshot 13-23

Otherwise, add them by opening a command prompt as an administrator and run the following commands:

%SystemRoot%\system32\inetsrv\appcmd set config /section:staticContent /+[fileExtension='.dat',mimeType='text/plain']

%SystemRoot%\system32\inetsrv\appcmd set config /section:staticContent /+[fileExtension='.',mimeType='text/plain']

Then restart IIS.

STEP 6

Once you set up the SAASPASS-TSplus plugin to run under IIS, now we need to change TSplus to use IIS Server instead of the built-in server:

Screenshot 14-23

Screenshot 15-23

STEP 7

On the SAASPASS Portal, when switched to Company mode, you can add users on the Groups & Users tile and TSplus on the Company Applications tile:

Screenshot 16-23

Screenshot 17-23

Screenshot 18-23
You can see that the application is running and one user or group is connected.

STEP 8

Once everything is in place, open IIS Manager and go to Application Settings for the SAASPASS-TSplus site.

Screenshot 19-23

Screenshot 20-23

Enter the correct values for your application APIKEY and APIPASSWORD, which you can get from APP KEY & PASSWORD on the SAASPASS Admin Portal when you are managing your Application.

STEP 9

Under the TSplus application on the SAASPASS Admin Portal, open Application Settings and enter your desired IP Filter, as well as the TSplus URL, with your domain name, for example:

Screenshot 21-23

STEP 10

To add the RemoteApp or the Load Balancing options under TSplus to configure it please see this documentation page. For SSL setup instructions please refer to this documentation.

STEP 11

Open the TSplus AdminTool and navigate to Security -> Advanced Security. Enable 'Deny access from Microsoft RDP client' and 'Encrypts end-to-end communications'. Save the changes. Restart TSplus.

Screenshot 22-23

You are all set, now you can login to TSplus with SAASPASS:

Screenshot 23-23



Back To Top



Discover all TSplus features »